Article: 815
From: Anthony Howe
Date: 2006-02-10 13:50:30 -0500
Subject: Re: Best defense against dictionary attack

Don Reiher wrote:
> You have a lot of milters!
> I am curious as to which milter is most popular for
> fending off dictionary attacks.

Hard to say.

You might look at milter-error, which might help in this regard. Other 
milters to consider would be milter-gris and milter-sender.

> milter-ahead seems the safest.  I am wondering how it will work
> with Groupwise (GWIA).  It seems RFC compliant, so I assume it
> would work.

Depends if the server blindly accepts any RCPT or will return 550 for 
unknown RCPT.

> milter-sender seems a little dangerous.  I think some SMTP
> servers are misconfigured to give up too quickly. . . especially

milter-sender is actually one of the more popular and the oldest of all 
my milters.

> folks using Micro$oft exchange when they don't know what they
> are doing.  I find a lot of corp sysadmins don't know what they
> are doing, and their systems are so full of viruses and trojans
> that the mail server simply runs very slowly and tends to time
> out anyway.
> milter-error looks interesting.  I have to look at the code, but
> I assume "User Unknown" is the error it looks for.

milter-error can't track specific errors. The sendmail libmilter API 
does not communicate that information to the milter, so all milter-error 
can do is count message aborts for any reason.

> For a high volume mail relay to a second "real" mail server (i.e.
> 1,000 hams a day) what would be best?

I have some clients using milter-sender on really high volume servers 
around ~250 messages per minute. I have other less resource intensive 
milters that people prefer. It's hard to say and I would welcome other 
list member comments on this. Essentially it's a resource / style / 
policy issue.
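
The abort-counting approach described in the reply above, as an added example that is not part of the original post and is not milter-error's code: a per-client sliding-window counter that only ever sees "a message was aborted", never why. The class and function names, the threshold of 5 aborts in 60 seconds, and the sample events are all assumptions constructed for illustration.

```python
from collections import defaultdict, deque

class AbortCounter:
    """Per-client sliding-window count of aborted messages (cause unknown)."""

    def __init__(self, max_aborts=5, window=60.0):  # assumed policy values
        self.max_aborts = max_aborts
        self.window = window
        self.aborts = defaultdict(deque)  # client IP -> abort timestamps

    def _prune(self, ip, now):
        q = self.aborts[ip]
        while q and now - q[0] > self.window:
            q.popleft()  # forget aborts that fell out of the window
        return q

    def record_abort(self, ip, now):
        """What an abort callback would do: count it, with no reason given."""
        self._prune(ip, now).append(now)

    def should_reject(self, ip, now):
        """Checked before a new transaction: too many recent aborts?"""
        return len(self._prune(ip, now)) >= self.max_aborts

def replay(events, counter):
    """events: (time, ip, outcome, cause). 'cause' is for the reader only;
    the counter never sees it. Returns the set of client IPs rejected."""
    blocked = set()
    for t, ip, outcome, _cause in sorted(events):
        if counter.should_reject(ip, t):
            blocked.add(ip)
            continue  # turned away up front, so no transaction runs
        if outcome == "abort":
            counter.record_abort(ip, t)
    return blocked

# Constructed sample traffic (documentation address ranges).
EVENTS = (
    # Recipient guessing: every attempt ends in an abort.
    [(i * 2.0, "192.0.2.10", "abort", "unknown user") for i in range(20)]
    # Ordinary sender with a single failed message.
    + [(5.0, "198.51.100.7", "delivered", ""),
       (30.0, "198.51.100.7", "abort", "unknown user")]
    # Legitimate but flaky sender: aborts caused by timeouts, not guessing.
    + [(100.0 + i * 10, "203.0.113.5", "abort", "timeout") for i in range(5)]
    + [(150.0, "203.0.113.5", "delivered", "")]
)
```

Replaying `EVENTS` rejects both 192.0.2.10 and 203.0.113.5: because the count is blind to the cause, a sender whose messages abort for unrelated reasons is treated the same as one guessing recipients, which is why the threshold is a policy decision.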

