[Exim] Re: Dictionary attack defence ideas?

Top Page
Delete this message
Reply to this message
Author: Derrick 'dman' Hudson
Date:  
To: exim-users
Subject: [Exim] Re: Dictionary attack defence ideas?
--
On Mon, Jul 08, 2002 at 05:28:19PM +0100, David Markham wrote:
| Thanks so would the smtp_Accept_max_per_host stop the amount of mails that
| the user is sending if more than what the limit is set to?


As the Philip and the spec says, only if they use multiple
simultaneous IP-level connections. If they feed multiple RCPTs on the
same MAIL FROM:, that won't have any effect. If they feed multiple
messages, in serial, down the same connection it won't have any
efffect. If they repeatedly close the connection and open a new one,
that won't have any effect.

Each of these scenarios presents a single simultaneous connection from
the host.

(well, it will if you set the max to 0, but in that case why run exim? :-))

-D

--

The crucible for silver and the furnace for gold,
but the Lord tests the heart.
        Proverbs 17:3


http://dman.ddts.net/~dman/

--
[ Content of type application/pgp-signature deleted ]
--