On Fri, Sep 10, 1999 at 07:55:52PM -0400, Sam wrote:
>
> Furthermore, you ignored the rest of my post, which compared whatever
> miniscule benefit you get from practicing security through obscurity
> weighed against your server now being a willing accomplice in a
> denial-of-service attack. The same script kiddies are far less likely to
> select a nailed down service in order to mailbomb someone by proxy,
> instead it's much easier to shove a few thousand messages with a few
> thousand bad recipients into Qmail's queue, then sit back and watch Qmail
> unload a few million messages into the target's mailbox.
So aside from debating the value of doing it, can somebody address the
main point of my initial post: How do you configure qmail to PREVENT such
a thing from happening? I'm a qmail newbie, and haven't seen anything in
the documentation that says how to get qmail to reject messages with bogus
"to" fields up front, rather than delaying and then bouncing the message.
--
Rod Smith
[EMAIL PROTECTED]
http://members.bellatlantic.net/~smithrod
Author of _Special Edition Using Corel WordPerfect 8 for Linux_, from Que
