Re: [Exim] Re: dictionary attacks

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
M\Alan J. Flavell at <-
MMKevin P. Fleming at ->
Delete this message
Reply to this message
Author: Nico Erfurth
Date:  
To: Alan J. Flavell
CC: Kevin P. Fleming, exim-users@exim.org
Subject: Re: [Exim] Re: dictionary attacks
Alan J. Flavell wrote:
> On Wed, 18 Dec 2002, Kevin P. Fleming wrote:
>
>
>>Check the archive threads from last week entitled "Basic Teergrubing...",
>
>
> I did, thanks. A couple of comments, if I may...
>
> In Teergrubing, as it's normally understood, the purpose of the
> exercise is to spin-out the action without the caller entirely losing
> interest, i.e the timeouts are set to keep the caller waiting but not
> long enough for them to abandon the call. My motivation here is to
> get rid of the caller, by whatever means that it takes. As it
> happens, what I'm doing is to delay _longer_ than they're willing to
> wait, so that they drop the call. If there was an ACL command to exim
> to tell it to unceremoniously drop the call, then I think that would
> be just as effective (especially if taken in conjunction with a
> blacklist that refuses further SMTP calls from that IP).
>
> Well, I was only exhibiting the principle, based as it was on our
> current use of 4.10. When there's a simpler way of executing a time
> delay, then I've absolutely no objection to using it - but I thought
> the underlying principle was worth a mention, regardless.

You can do neat things with exim 4.12 ${eval} and the delay-keyword in
the ACL :)



This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [Exim] Re: dictionary attacksRe: [Exim] RE: [SAtalk] Exim/SA help->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)