On Tuesday, December 6, 2005, 2:13:43 PM, William wrote: WVH> Pete,
WVH> How about just creating some accounts that are commonly targeted by WVH> dictionary attacks, but that were never actually valid accounts on our WVH> server? I could redirect all of them to a common mailbox. There are also a WVH> few other "common" (non-role) addresses that we do not use, which always get WVH> targeted by spammers. I am thinking of sales@, info@, etc. I have WVH> accumulated quite a list of common dictionary attack names from my logs. I WVH> wouldn't have to seed the addresses anywhere. They get hit just by virtue of WVH> how common they are. That is definitely another good strategy -- more limited and better structured than using a "nobody" account. The only caveat is making sure that nobody on the outside would ever have reason to expect an info@ or sales@ address existed... sometimes folks will guess. If this happens, it's usually not a fatal problem, but it's worth thinking about on a case-by-case basis. Do you have a histogram for your list? That would be interesting to see. Thanks, _M This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html
