Petra Humann wrote:
Do you know the sendmail badrcpt_shutdown patch?
http://www.jmaimon.com/sendmail/
After an defined number of bad recipients the SMTP session terminates:
Possible SMTP RCPT flood, shutting down connection.
I hadn't heard about that patch. But even without the patch,
you
Les wrote on 06/09/2009 01:59:38 PM:
And unless you expect messages with a large number of recipients you can
refuse to accept them without running any perl code:
define(`confMAX_RCPTS_PER_MESSAGE',`5')dnl
'Real' senders are supposed to figure this out and resend but I don't
know how it
Do you know the sendmail badrcpt_shutdown patch?
http://www.jmaimon.com/sendmail/
After an defined number of bad recipients the SMTP session terminates:
Possible SMTP RCPT flood, shutting down connection.
Regards.
Petra Humann
---
Mail:hum...@tcs.inf.tu-dresden.de
WWW:
afo cliff wrote:
Yes thanks, I tried that, the down side for me is that it sends a
User Unknown reject notification, which I'm trying to avoid. I
don't want my server to waste time sending 10,000 rejects to a zombie
somewhere.
???
It doesn't send a notification. All it does is reply with a
Matt Garretson wrote:
afo cliff wrote:
@mydomain.com bitbucket
You can also do something like this in your virtusertable:
@mydomain.com error:5.1.1:550 User unknown
Then, you won't need the bitbucket alias.
See http://www.sendmail.org/m4/features.html
Yes thanks, I tried that, the
afo cliff wrote:
Matt Garretson wrote:
afo cliff wrote:
@mydomain.com bitbucket
You can also do something like this in your virtusertable:
@mydomain.com error:5.1.1:550 User unknown
Then, you won't need the bitbucket alias.
See http://www.sendmail.org/m4/features.html
Yes thanks, I tried
Renaud,
FILTERING BY RECIPIENT
You can define a function called filter_recipient in your filter. This
lets you reject messages to certain recipients, rather than waiting
until the whole message has been sent. Note that for this check to
take place, you must use
Ok, I'm convinced. I'll send the failure responses.
___
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID. You may ignore it.
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
afo cliff wrote:
Thanks for the info. It mentions using the -t flag ... however, I
start mimedefang with service mimedefang start so I don't have any
control over the flags that are being used.
It sounds like you have Fedora or a Redhat variant? There should
be /etc/sysconfig/mimedefang
Matt Garretson wrote:
afo cliff wrote:
Thanks for the info. It mentions using the -t flag ... however, I
start mimedefang with service mimedefang start so I don't have any
control over the flags that are being used.
It sounds like you have Fedora or a Redhat variant? There should
be
Ok, then it looks like it's better to stick with access/virtusertable rejection.
But, if you have defined everyone in virtusertable with default rejects,
sendmail will process invalid recipients faster than mimedefang can. You
might still get a few instances where where a message comes in with
afo cliff afocl...@gmail.com 09/06/2009 17:18
Ok, then it looks like it's better to stick with access/virtusertable
rejection.
No, it is infinitely better to do it in filter_recipient, and terminate
the connection after a number of invalid recipients.
Consider the case where a spammer
Paul Murphy wrote:
afo cliff afocl...@gmail.com 09/06/2009 17:18
Ok, then it looks like it's better to stick with access/virtusertable
rejection.
No, it is infinitely better to do it in filter_recipient, and terminate
the connection after a number of invalid recipients.
Consider the case
Les Mikesell wrote:
Spammers are a lot smarter than that these days. If you watch your logs
during a dictionary attack you are likely to see the messages come in
from dozens of different IP addresses that are obviously coordinating
the address space and timing so you don't see a big number
That reminds me,
I lost my sendmail blackhole script when my server crashed last year...
I think some people asked me for it -- if you still have a copy you could email
me,
I'd really appreciate it.
Thanks,
-Ben
___
NOTE: If there is a disclaimer
Les Mikesell l...@futuresource.com 09/06/2009 18:59
Spammers are a lot smarter than that these days. If you watch your logs
during a dictionary attack you are likely to see the messages come in
from dozens of different IP addresses that are obviously coordinating
the address space and
afo cliff wrote:
@mydomain.com bitbucket
You can also do something like this in your virtusertable:
@mydomain.com error:5.1.1:550 User unknown
Then, you won't need the bitbucket alias.
See http://www.sendmail.org/m4/features.html
___
NOTE: If
Matt Garretson wrote:
afo cliff wrote:
@mydomain.com bitbucket
You can also do something like this in your virtusertable:
@mydomain.com error:5.1.1:550 User unknown
Then, you won't need the bitbucket alias.
See http://www.sendmail.org/m4/features.html
Yes, that approach will be much
-Original Message-
From: mimedefang-boun...@lists.roaringpenguin.com [mailto:mimedefang-
boun...@lists.roaringpenguin.com] On Behalf Of Les Mikesell
Sent: Monday, June 08, 2009 10:44 AM
To: mimedefang@lists.roaringpenguin.com
Subject: Re: [Mimedefang] Blocking Dictionary Attacks
Jason Bertoch wrote:
-Original Message-
From: mimedefang-boun...@lists.roaringpenguin.com [mailto:mimedefang-
boun...@lists.roaringpenguin.com] On Behalf Of Les Mikesell
Sent: Monday, June 08, 2009 10:44 AM
To: mimedefang@lists.roaringpenguin.com
Subject: Re: [Mimedefang] Blocking
Les Mikesell l...@futuresource.com wrote:
afo cliff wrote:
Les,
That's a great idea! I tried it but no matter what I do, sendmail is
letting everything through. Virtusertable is configured correctly in
sendmail.mc, also did the appropriate makemap. I think something has
changed in
On Oct 25, 4:06pm, afo cliff wrote:
}
} That's a great idea! I tried it but no matter what I do, sendmail is
} letting everything through. Virtusertable is configured correctly in
} sendmail.mc, also did the appropriate makemap. I think something has
} changed in sendmail (I have 8.13.8).
Andrzej Adam Filip wrote:
That's a great idea! I tried it but no matter what I do, sendmail is
letting everything through. Virtusertable is configured correctly in
sendmail.mc, also did the appropriate makemap. I think something has
changed in sendmail (I have 8.13.8). I've searched the
I block this using some custom code in filter_recipient which keeps the ongoing
good and bad recipient counts in a local file in the spool directory. If there
are more than 2 bad recipients, and more bad recipients than good recipients,
then I reject the whole message and firewall the
afo cliff wrote:
That's a great idea! I tried it but no matter what I do, sendmail is
letting everything through. Virtusertable is configured correctly in
sendmail.mc, also did the appropriate makemap. I think something has
changed in sendmail (I have 8.13.8). I've searched the world over
Paul:
I am intrigued by your mention of using filter_recipient. I did a
grep on that and can't find it. Is that part of mimedefang?
Thanks for everyone's help. I was able to get it to work. I already
could make it work with access table, but this method does not produce
rejection notices.
Thanks Matt ... now I'm makin copies :)
I need to have a way to stop dictionary attacks ... unless there is a
better way I was going to extract the TO address and discard the email
in mimedefang-filter if the user did not exist when compared against a
database table of valid users. I'd be
afo cliff wrote:
I need to have a way to stop dictionary attacks ... unless there is a
better way I was going to extract the TO address and discard the email
in mimedefang-filter if the user did not exist when compared against a
database table of valid users. I'd be interested to know the
afo cliff wrote:
Thanks Matt ... now I'm makin copies :)
I need to have a way to stop dictionary attacks ... unless there is a
better way I was going to extract the TO address and discard the email
in mimedefang-filter if the user did not exist when compared against a
database table of valid
Les,
That's a great idea! I tried it but no matter what I do, sendmail is
letting everything through. Virtusertable is configured correctly in
sendmail.mc, also did the appropriate makemap. I think something has
changed in sendmail (I have 8.13.8). I've searched the world over 10
times and
afo cliff wrote:
Les,
That's a great idea! I tried it but no matter what I do, sendmail is
letting everything through. Virtusertable is configured correctly in
sendmail.mc, also did the appropriate makemap. I think something has
changed in sendmail (I have 8.13.8). I've searched the world
31 matches
Mail list logo