Re: [Exim] offers123.net & possible DOS.

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Leonardo Boselli
Date:  
À: Alan J. Flavell, Exim users list
Sujet: Re: [Exim] offers123.net & possible DOS.
On 18 May 2002, at 15:55, Alan J. Flavell wrote:
> > 2. you could hit one server that accept any message, trying to
> > deliver by partial match or trying to get hints form body.
> As far as we are concerned, there could be any number of causes for
> the symptoms which you describe in 1 and 2. From the outside, all
> that we know is that the email domain in question sometimes repudiates
> bad usernames at RCPT TO: time, and sometimes doesn't.
> > in this case what woud you do ?
> We would do the same as we do when the spammer counterfeits a valid
> address and the callback confirms it as good: we accept the mail as
> normal, i,e it will then stand a chance of being spotted in the
> spam-rating filter, just like any other mail that we accept.
> What other procedure would you suggest?

Actually none .... only one would be one that tried some time ago,
but it is far from perfect:
for any incoming message not coming from a known address is
sent an aknowledegement (just a vacation affair). Usually if the
sender is fake this acknoledgement message come back.
So there is a program that automatically discard both messages
and balcklist the sender
The problem is that sometime there is a certain time between the
try to send a reply and the actual reply (the destination server
could be unreacheable ... or the error message needing too many
hops to came back). So during that time you must assume that
the sender is ok !
For posting to lists the way is easier: when you post to a list you
receive back a message to approve posting (yes, not to the
moderator but to the from address on the message) . so if the
sender message is correct s/he have to reply to approve it.

Leonardo Boselli
nucleo informatico e telematico
Dipartimento Ingegneria Civile
Universita` di Firenze
V. S. Marta 3 - I-50139 Firenze
tel +39()0554796431
cel +39 3488605348
fax +39()055495333
http://www.dicea.unifi.it/~leo