Pete, How about just creating some accounts that are commonly targeted by dictionary attacks, but that were never actually valid accounts on our server? I could redirect all of them to a common mailbox. There are also a few other "common" (non-role) addresses that we do not use, which always get targeted by spammers. I am thinking of sales@, info@, etc. I have accumulated quite a list of common dictionary attack names from my logs. I wouldn't have to seed the addresses anywhere. They get hit just by virtue of how common they are.
William Van Hefner Network Administrator Vantek Communications, Inc. 555 H Street, Ste. C Eureka, CA 95501 707.476.0833 ph This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html
