From: Anthony Howe
Date: 2005-02-18 01:23:15 -0500
Subject: Re: user account fishing
More information..: http://www.milter.info/#Support
Dirk Meyer wrote:
>>milter is say something like:
>> N aborts per IP / domain / sender and you auto blacklist
> Sendmail has some nice features build in.
> Spam attacks have less impact here after I used:
> define(`confBAD_RCPT_THROTTLE', 1)dnl
This one has been around for a while and I never found it effective. One
second isn't enough and I would prefer to configure a much longer
interval, but there is no option for it stupidly enough given how many
options there are in sendmail.
[no short name] If set and more than the specified number of
recipients in a single SMTP envelope are rejected, sleep for one second
after each rejected RCPT command.
> define(`confMAX_RCPTS_PER_MESSAGE', 1000)dnl
At the ISP I worked for we used 100; 1000 is way too high and a gift to
spammers and on my personal server I limit at 50. At one hundread we
successfully blocked some spam, while allowing legit users enough leaway
to send jokes to all there friends using Outlook Regress address book lists.
> FEATURE(`greet_pause', `5000')dnl 5 seconds
This one feature of 8.13 I really do like. I used it with 15 and 9
seconds and found it really effective too. Too bad it can't be a random
number between a configurable range just to throw spam software writers
I keep forgetting about these recently new features. People should
really upgrade to 8.13.3
Anthony C Howe +33 6 11 89 73 78
7116561 AIM: Sir Wumpus
"held in my arms / his sun washed face / eyes closed" - Anthony
Copyright 2009, 2012 by SnertSoft. All rights reserved.