On Fri, 2 Jul 2004, Penelope Fudd wrote:
> Recently spammers verified their mailing list using this SMTP dialogue.
This is an old technique called a "dictionary attack" or "directory
harvesting".
Sendmail 8.13 has countermeasures, like closing a connection after N bad
SMTP commands.
I run a scr
Recently spammers verified their mailing list using this SMTP dialogue.
How do I add this to mimedefang?
220 scotty.example.com ESMTP Sendmail 8.12.11/8.12.11; Thu, 1 Jul 2004
15:08:21 -0700
HELO c-24-1-219-157.client.comcast.net
250 scotty.example.com Hello c-24-1-219-157.client.comcast.net
[24.
On Mon, 5 Jul 2004, Stewart James wrote:
> First. If I put some code in the filter_begin to reject messages not
> just run message_contain_virus, it will work better and trend will not
> get called. But, the reason why is not what I can call good news.
Clam will sometimes detect a virus in the ra
On Mon, 2004-07-05 at 09:50, David F. Skoll wrote:
> > Recently spammers verified their mailing list using this SMTP dialogue.
>
> This is an old technique called a "dictionary attack" or "directory
> harvesting".
>
> Sendmail 8.13 has countermeasures, like closing a connection after N bad
> SMT
On Mon, 5 Jul 2004, Les Mikesell wrote:
> I think spammers have adapted by sending only a few addresses at
> a time, perhaps from virus-owned zombie relays.
That was the logical next step. It's practically impossible to fight
that. And honestly, until directory harvest attacks start overloading
I'm trying to implement a corporate policy on use of encryption, with
restrictions in the filter to enforce the policy as much as possible.
The elements of the policy are:
1. All mail to selected domains must be encrypted
2. Encryption is to be all or nothing - if any unencrypted part is found
> > I think spammers have adapted by sending only a few addresses at
> > a time, perhaps from virus-owned zombie relays.
>
> That was the logical next step. It's practically impossible to fight
> that. And honestly, until directory harvest attacks start overloading
> my machine or costing me ba
On Mon, 5 Jul 2004, Paul Murphy wrote:
> One possible approach is to appear to accept all addresses, then
> check the recipient address but take no action until the DATA phase
> - at which point you can refuse the message with a 5xx error without
> indicating whether the address exists or not.
Th
Would this item; in filter_end exclude all further mail filtering, on mail
going from localhost to this a particular recipient?
#in filter_end.
if ($recipient =~ /[EMAIL PROTECTED]/) {
exit;
}
Does not appear to be working...
--
Luke Computer Science System Administrator
Security Admi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
> $pass=;
> my $gpg = Mail::GPG->new(default_key_id=>'4B771017',
> default_passphrase=>$pass,
> debug=>1,
> gnupg_hash_init=>{ armor => 1,
> batch => 1,
> homedir => '/home/defang'} )
Hi All,
Since upgrading to the latest MIMEDefang today I have
bad file descriptor errors - I assume this is an
embedded perl scope issue.
So, I currently do the following:
1) I do *not* use filer_initialise
2) The file descriptor are global and are declared
*outside* of any function.
3) valid co
>
> Anyway, as of this posting, entity_contains_virus() functions are officially
> deprecated. They may be removed in a future version of MIMEDefang.
thats funny - I thought message_contains_virus was depracated and
entity_contains_virus was replacing it.
That solves my problems pretty damn qu
Chris Masters wrote:
Hi All,
Since upgrading to the latest MIMEDefang today I have
bad file descriptor errors - I assume this is an
embedded perl scope issue.
So, I currently do the following:
1) I do *not* use filer_initialise
2) The file descriptor are global and are declared
*outside* of any fu
Lucas Albers wrote:
Would this item; in filter_end exclude all further mail filtering, on mail
going from localhost to this a particular recipient?
#in filter_end.
if ($recipient =~ /[EMAIL PROTECTED]/) {
exit;
}
Does not appear to be working...
Lucas,
if you just want to bypass all fil
On Mon, 5 Jul 2004, Chris Masters wrote:
> Since upgrading to the latest MIMEDefang today I have
> bad file descriptor errors - I assume this is an
> embedded perl scope issue.
Possibly.
> 1) I do *not* use filer_initialise
You should probably use it. Any files opened at global scope outside
a
15 matches
Mail list logo