RE: [Exim] FW: Defending Against Rumplestiltskin Attacks???

Página Inicial
Delete this message
Reply to this message
Autor: Mike 'Fraz' White
Data:  
Para: 'Tim Jackson', exim-users
Assunto: RE: [Exim] FW: Defending Against Rumplestiltskin Attacks???

> -----Original Message-----
> From: exim-users-admin@??? [mailto:exim-users-admin@exim.org] On
> Behalf Of Tim Jackson
> Sent: 09 May 2004 16:38
> To: exim-users@???
> Subject: Re: [Exim] FW: Defending Against Rumplestiltskin Attacks???


---8<--
> Bear in mind that a properly configured system won't generate bounces

for
> non-existent users in the first place though. If you are accepting all
> mail and generating bounces, then that certainly will send your load
> rocketing if you get a bad dictionary attack.
>

---8<--
> On a different topic, setting smtp_accept_max_per_host will prevent a
> single sending machine tying up too many of your resources, but of

course
> this won't help with a dictionary attack distributed across multiple
> source IPs.
>
>
> Tim
>

Hi Tim,

I suppose its all a question of scale. As I've just mentioned in another
mail I'm only running a very small system which makes life relatively
easy for me. A high percentage of the mail coming through me (especially
the stuff forwarded from various ISP accounts) is simply discarded or
rejected during the initial stages using a combination of RBL's
,exiscan, clamav & spamassassin. The 'catchall' is just there at the end
to keep things tidy.

Personally I prefer the 'discard' approach anyway as I'm only on a low
bandwidth connection so the less outgoing traffic I generate the better
:-)


--
Mike 'Fraz' White
www.smartowner.co.uk