[milters] Archive

Lists Index Date Thread Search

Article: 339
From: Aaron Berg
Date: 2005-02-17 10:22:47 -0500
Subject: Re: user account fishing

Removal...........: milters-request@milter.info?subject=remove
More information..: http://www.milter.info/#Support

That information is interesting. This would explain why I have found 
milters that allow you to do regular expressions on the recieved 
messages as the come in and before they get to sendmail.

One idea might be to just keep a log of valid email addresses in a 
specified database. Then just autoblacklist ip's for some period of time 
after they have tried too many non-valid addresses. But it seems like 
this would be more work then is needed. Could the milter just parse 
passwd and virtusertable for valid email addresses just like sendmail 
does? Where there is a will there is a way.

Anthony Howe wrote:

>Removal...........: milters-request@milter.info?subject=remove
>More information..: http://www.milter.info/#Support
>Aaron Berg wrote:
>>Does anyone know of an effective way to block ip addresses for some 
>>period of time if they have requested to send to say 10 user unknowns in 
>>some period of time?
>>Thanks for any input,
>This was something I had considered for milter-limit (milter-miss was 
>the project idea), but one of the difficult things with the milter API 
>is finding out the reason a message is rejected or aborted by Sendmail 
>or another milter, because the API has no logging, stats, or reporting 
>features for milters to collect such information. Best you can do in a 
>milter is say something like:
>	N aborts per IP / domain / sender and you auto blacklist
>xxfi_abort is called for each milter when a message fail to be accepted, 
>but doesn't say why.
>If people think this interesting, I can consider resuming the idea once 

Aaron Berg
VoyageurWeb Engineering
209 South Second St., Suite 314
P.O. Box 205 Mankato, MN 56002-0205
(507) 344-2280

Lists Index Date Thread Search