Using other blacklists for host blocking?
Hugo van der Kooij
hvdkooij at vanderkooij.org
Sun Nov 30 22:19:24 GMT 2008
-----BEGIN PGP SIGNED MESSAGE-----
> Seeing the rising amount of failed SSH attempts to several of the boxes
> I have, I was wondering ... has anyone here tried to use some other
> blacklists to block incoming MTA access?
> Assuming that a large amount of spam is delivered through botnets, which
> may also be used for other types of attacks, using data from one attack
> vector might be helpful in taking care of other things, too ...
> especially as things like failed SSH connections are more objective than
> deciding whether a mail is spam or not ...
The two are totally unreleated. Most SSH session originate from unix
boxes under poor management.
Where just about all spam originate from poorly managed windows machines.
So what will you learn in relation to SMTP from these SSH connections?
Just about nothing.
hvdkooij at vanderkooij.org http://hugo.vanderkooij.org/
PGP/GPG? Use: http://hugo.vanderkooij.org/0x58F19981.asc
>Q: Are you sure?
>>A: Because it reverses the logical flow of conversation.
>>>Q: Why is top posting frowned upon?
Bored? Click on http://spamornot.org/ and rate those images.
Nid wyf yn y swyddfa ar hyn o bryd. Anfonwch unrhyw waith i'w gyfieithu.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the MailScanner