[milters] Archive

Lists Index Date Thread Search

Article: 347
From: Anthony Howe
Date: 2005-02-18 00:49:20 -0500
Subject: Re: user account fishing

Removal...........: milters-request@milter.info?subject=remove
More information..: http://www.milter.info/#Support
--------------------------------------------------------

Aaron Berg wrote:
> That information is interesting. This would explain why I have found 
> milters that allow you to do regular expressions on the recieved 
> messages as the come in and before they get to sendmail.
> 
> One idea might be to just keep a log of valid email addresses in a 
> specified database. Then just autoblacklist ip's for some period of time 
> after they have tried too many non-valid addresses. But it seems like 
> this would be more work then is needed. Could the milter just parse 
> passwd and virtusertable for valid email addresses just like sendmail 
> does? Where there is a will there is a way

Early versions of milter-sender tried to detect legitimate local users 
for the purpose of white-listing from within the milter, but determining 
a local user address is actually pretty complex operation in sendmail. 
Trivial attempts and assumptions with getpwnam(), virtusertable, 
aliases, mascaraeding, relay forwarding, and other transformation, LDAP, 
Cyrus virtual users, etc. just became a nightname to do correctly for 
little gain. I abandoned that after a while, which simplied the 
white-listing model and implementation and became better, leaving 
sendmail to report "user unknown".

To do something similar is for the purpose of blacklisting would be 
almost useless in a milter. There are too many edge cases to get right.

-- 
Anthony C Howe                                 +33 6 11 89 73 78
http://www.snert.com/       ICQ:
7116561         AIM: Sir Wumpus

"held in my arms / his sun washed face / eyes closed" - Anthony

Lists Index Date Thread Search