> -----Original Message-----
> From: exim-users-admin@??? [mailto:exim-users-admin@exim.org] On
> Behalf Of Tim Jackson
> Sent: 09 May 2004 16:38
> To: exim-users@???
> Subject: Re: [Exim] FW: Defending Against Rumplestiltskin Attacks???
---8<--
> Bear in mind that a properly configured system won't generate bounces
for
> non-existent users in the first place though. If you are accepting all
> mail and generating bounces, then that certainly will send your load
> rocketing if you get a bad dictionary attack.
>
---8<--
> On a different topic, setting smtp_accept_max_per_host will prevent a
> single sending machine tying up too many of your resources, but of
course
> this won't help with a dictionary attack distributed across multiple
> source IPs.
>
>
> Tim
>
Hi Tim,
I suppose its all a question of scale. As I've just mentioned in another
mail I'm only running a very small system which makes life relatively
easy for me. A high percentage of the mail coming through me (especially
the stuff forwarded from various ISP accounts) is simply discarded or
rejected during the initial stages using a combination of RBL's
,exiscan, clamav & spamassassin. The 'catchall' is just there at the end
to keep things tidy.
Personally I prefer the 'discard' approach anyway as I'm only on a low
bandwidth connection so the less outgoing traffic I generate the better
:-)
--
Mike 'Fraz' White
www.smartowner.co.uk
