Re: [Exim] Dictionary attack defence ideas?

Top Page
Delete this message
Reply to this message
Author: Juha Saarinen
Date:  
To: exim-users@exim.org
Subject: Re: [Exim] Dictionary attack defence ideas?
On Mon, 8 Jul 2002, Philip Hazel wrote:

> smtp_accept_max_per_host
>
> See also smtp_ratelimit_xxx for slowing down multiple commands on a
> single connection.


Thanks, Philip. Didn't look hard enough, as usual.

Looking at the reject log, I count 31 different addressees, and as the
entries have the same time stamp, I assume it's a single connection as
"dman" mentioned.

Hmmm.... reading the spec, it seems that for cases like the above,
smtp_rate_limit_hosts combined with smtp_ratelimit_rcpt and
smtp_ratelimit_mail would take care of the issue.


--
Juha Saarinen