I have this in my acl_smtp_rcpt:
deny message = No dictionary attacks!
condition = ${if > {$rcpt_fail_count}{1} {yes}{no}}
!verify = recipient
delay = ${eval: ($rcpt_fail_count) * 60}s
log_message = $rcpt_fail_count failed recipient attempts
I think this is saying that if the $rcpt_fail_count is greater than 1 (only
give them 1 freebie), and the current rcpt doesn't verify, then respond with
the message 'NoDictionary attacks!' and delay for $rcpt_fail_count minutes.
I put this in about 20 minutes ago, and I haven't seen it triggered yet.
Anyone see anything wrong with it?
Elliot
