Autor: Alan J. Flavell Data: Dla: Exim users list Temat: Re: [Exim] Different Teergrub/Dictinary Attack
On Fri, 12 Sep 2003, Tony Earnshaw wrote:
> > Don't forget that if you _do_ decide to finish the party by refusing
> > to talk SMTP to them, or even dropping them at the firewall, then
> > a bona fide sender who has been misidentified has no way to even
> > contact the postmaster to discuss the problem.
>
> Why?
As I said: if you react to (what you identify as) a series of
dictionary scans by subsequently refusing to talk SMTP to them
(putting their IP into host_reject_connection or equivalent, or
blocking them in your firewall), then you're not going to find out
that they're subsequently trying to discuss the problem with your
postmaster address.
> I've cut off dictionary attacks. Mail to postmaster *or* abuse
> should be accepted, whatever happens.
Then you haven't stopped talking SMTP to them, OK. I was only
cautioning readers about a possible consequence of doing so.