Re: [EXIM] address collector info posted to bugtraq

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: Peter Gervai
Dátum:  
Címzett: Philip Hazel, Peter Gervai
CC: Tabor J. Wells, exim-users
Tárgy: Re: [EXIM] address collector info posted to bugtraq
On Mon, Mar 08, 1999 at 09:51:00AM +0000, Philip Hazel wrote:
> On Sun, 7 Mar 1999, Peter Gervai wrote:


> > > There is an "address collector" program that works with a dictionary
> > > of username appends the domain and uses RCPT TO to collect what it
> > > thinks are valid email addresses.
> > [...]


> There is recipients_max and recipients_max_reject.


Does it limit failed RCPT TO:'s as well?

> > And anyway, could I put a trigger to block the address when someone
> > repeatedly tries to flood me with invalid rcpt to:'s?

[...]
> However, I see several problems with this.

[...]

Yes, your observations are right, this should be handled from the logfile
rather than from exim.

I have just one more question.

> 1999-03-08 00:14:36 verify failed for SMTP recipient xxxx@xxxxx from
> <xxxx@xxxx> H=xxxxxx [x.x.x.x]


I have VRFY and EXPN disabled, but this way I don't see failed snooping
attempts in the logfile. Did I misconfigure something or it does not
get logged unless I enable them? Would be nice to see snooping attempts.

> If anybody wants to write such a thing (sounds like a Perl script would
> be the best) I'd be happy to include it in the Exim Contrib directory.


Yes, it would be trivial. [I do not need it right now (unless you tell me
how to see failed vrfy/expn attempts :-)) but if anyone wants me to write
a very simple failure summarizer, no problem.]

bye,
grin

--
*** Exim information can be found at http://www.exim.org/ ***