Re: [exim] What's up ith the uceprotect blacklist?

Top Page
Delete this message
Reply to this message
Author: Daniel Tiefnig
Date:  
To: exim-users
New-Topics: [exim] Rate limiting on Sender Verify
Subject: Re: [exim] What's up ith the uceprotect blacklist?
Marc Perkel wrote:
> After a few bad email addresses I return defer on that IP for the
> remainder of the 5 minute period. That tends to stop/minimize
> dictionary collateral damage. It would be nice if Exim had something
> better built in specifically to deal with dictionary attacks.


Hmm, maybe an additional ratelimit option would do the trick.

> There should be some sort of limit so that if you need to do a lot of
> verification callouts for a specific domain in a short period of
> time that you could rate limit it.


Ah, yes. :o)
Limiting on the destination domain of the callout could be quite tricky,
though. Maybe it would be better (because much easier) just to ratelimit
within a SMTP session if callouts (or verifications in general) fail.


lg,
daniel