Autor: Marc Perkel Data: Para: exim-users Asunto: Re: [exim] DENY vs. DROP
The drop does send a reason before dropping the connection. And I am
using it in cases where there's nothing they can do to redeam themselves
- like being blacklisted - or impersonation one of my servers - or other
tricks that only spammers use. If they trying to impersonate one of my
domains why keep the connection open while they do a dictionary attack?
My thinking is that if I'm going to reject them no matter what then why
not hang up on them?
Tim Jackson wrote:
>On 8 Dec 2004, Marc Perkel wrote:
>
>
>
>>When whould I use deny vs. drop.
>>
>>
>
>Simple: if in doubt, never use "drop". Always use "deny".
>
>"drop" terminates the connection in an "unfriendly" way and should really
>only be used if you're sure you know what you're doing (e.g. you're 100%
>certain you're dealing with spamware/an attacker of some sort, and one
>which is unlikely to retry).
>
>If used (even in error) on "real" messages, "drop" will probably cause
>*more* resource usage for both you and the sending end, and additionally
>quite possibly cause problems that are difficult to diagnose - you will
>not endear yourself to other administrators.
>
>
>Tim
>
>
>