RE: [exim] exim allowed someone to slam my mail server for 3…

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Mark Smith
Date:  
À: 'Marilyn Davis'
CC: 'Exim Mailing List'
Sujet: RE: [exim] exim allowed someone to slam my mail server for 3 hours

> > The only way to deal with that is to set
> smtp_accept_max_per_host = 1.
>
> Thank you. But it doesn't seem to fix anything, it just
> takes longer because the other connections are delayed. But
> the result is the same. $rcpt_count never gets above 1.


That's true. All it does is slow them down and stop them sending to more
than one recipient at a time, some of which will fail and some won't (if
they're carrying out a dictionary attack). It just gives you more time to
notice what they're doing and block them before they manage to send you
hundreds of spam emails.
>
> Now, why would yahoo only send one RCPT per connection when 4
> addresses to the same domain are on the same message? What
> is the benefit of doing that -- aside from facilitating spam
> from their addresses?
>


I've wondered this myself. There seems to be quite a few mailservers out
there that do this.

- Mark