This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--
Alan J. Flavell wrote:
> I -have- tried it, and it's a mixed blessing. I was motivated to do
> so after a spate of what appeared to be "dictionary scanning" via open
> relays/proxies. They would open an SMTP call and grind their way down
> typically two or three dozen addresses in alphabetical order, close
> the call, and then open another one, typically via a different open
> relay, and grind down another two or three dozen addresses.
I was initially going to blacklist those but then I decided just to do a
basic teergrube on them.
accept domains = +local_domains
endpass
message = unknown user
verify = recipient
delay = 20s
I also have an ACL in there that limits them to 20 per attempt. Ties them
up for just shy of 7m and my site is small enough I have connections to spare.
I figure anyone else who's hitting my site and innocently hits a bad address
won't be harmed too much by 20s.
--
Steve C. Lamb | I'm your priest, I'm your shrink, I'm your
PGP Key: 8B6E99C5 | main connection to the switchboard of souls.
-------------------------------+---------------------------------------------
--
Content-Description: OpenPGP digital signature
[ signature.asc of type application/pgp-signature deleted ]
--
