Autor: Kevin P. Fleming Data: A: Alan J. Flavell CC: exim-users@exim.org Assumpte: Re: [Exim] Re: dictionary attacks
Alan J. Flavell wrote:
> On Wed, 18 Dec 2002, Kevin P. Fleming wrote:
>
>
> >Check the archive threads from last week entitled "Basic Teergrubing...",
>
>
> I did, thanks. A couple of comments, if I may...
>
> In Teergrubing, as it's normally understood, the purpose of the
> exercise is to spin-out the action without the caller entirely losing
> interest, i.e the timeouts are set to keep the caller waiting but not
> long enough for them to abandon the call. My motivation here is to
> get rid of the caller, by whatever means that it takes. As it
> happens, what I'm doing is to delay _longer_ than they're willing to
> wait, so that they drop the call. If there was an ACL command to exim
> to tell it to unceremoniously drop the call, then I think that would
> be just as effective (especially if taken in conjunction with a
> blacklist that refuses further SMTP calls from that IP).
4.12 also has a drop modifier, that causes the TCP connection to be dropped
"unceremoniously" :-) So you can do this today, without tying up resources on
your server with idle connections waiting for the caller to disconnect.