[milters] Archive

Lists Index Date Thread Search

Article: 348
From: Anthony Howe
Date: 2005-02-18 01:23:15 -0500
Subject: Re: user account fishing

Removal...........: milters-request@milter.info?subject=remove
More information..: http://www.milter.info/#Support
--------------------------------------------------------

Dirk Meyer wrote:
>>milter is say something like:
>>
>>	N aborts per IP / domain / sender and you auto blacklist
>>
> 
> 
> Sendmail has some nice features build in.
> Spam attacks have less impact here after I used:
> 
> define(`confBAD_RCPT_THROTTLE', 1)dnl

This one has been around for a while and I never found it effective. One 
second isn't enough and I would prefer to configure a much longer 
interval, but there is no option for it stupidly enough given how many 
options there are in sendmail.

---
BadRcptThrottle=N
     [no short name] If set and more than the specified number of 
recipients in a single SMTP envelope are rejected, sleep for one second 
after each rejected RCPT command.
---

> define(`confMAX_RCPTS_PER_MESSAGE', 1000)dnl

At the ISP I worked for we used 100; 1000 is way too high and a gift to 
spammers and on my personal server I limit at 50. At one hundread we 
successfully blocked some spam, while allowing legit users enough leaway 
to send jokes to all there friends using Outlook Regress address book lists.

> FEATURE(`greet_pause', `5000')dnl 5 seconds

This one feature of 8.13 I really do like. I used it with 15 and 9 
seconds and found it really effective too. Too bad it can't be a random 
number between a configurable range just to throw spam software writers 
really off.

> FEATURE(`ratecontrol')dnl
> FEATURE(`conncontrol')dnl

I keep forgetting about these recently new features. People should 
really upgrade to 8.13.3


-- 
Anthony C Howe                                 +33 6 11 89 73 78
http://www.snert.com/       ICQ:
7116561         AIM: Sir Wumpus

"held in my arms / his sun washed face / eyes closed" - Anthony

Lists Index Date Thread Search