On Mon, Mar 08, 1999 at 09:51:00AM +0000, Philip Hazel wrote:
> On Sun, 7 Mar 1999, Peter Gervai wrote:
> > > There is an "address collector" program that works with a dictionary
> > > of username appends the domain and uses RCPT TO to collect what it
> > > thinks are valid email addresses.
> > [...]
> There is recipients_max and recipients_max_reject.
Does it limit failed RCPT TO:'s as well?
> > And anyway, could I put a trigger to block the address when someone
> > repeatedly tries to flood me with invalid rcpt to:'s?
[...]
> However, I see several problems with this.
[...]
Yes, your observations are right, this should be handled from the logfile
rather than from exim.
I have just one more question.
> 1999-03-08 00:14:36 verify failed for SMTP recipient xxxx@xxxxx from
> <xxxx@xxxx> H=xxxxxx [x.x.x.x]
I have VRFY and EXPN disabled, but this way I don't see failed snooping
attempts in the logfile. Did I misconfigure something or it does not
get logged unless I enable them? Would be nice to see snooping attempts.
> If anybody wants to write such a thing (sounds like a Perl script would
> be the best) I'd be happy to include it in the Exim Contrib directory.
Yes, it would be trivial. [I do not need it right now (unless you tell me
how to see failed vrfy/expn attempts :-)) but if anyone wants me to write
a very simple failure summarizer, no problem.]
bye,
grin
--
*** Exim information can be found at
http://www.exim.org/ ***
