Ok - I'm changing the subject line here to fork this topic. The issue is
sender verification during a dictionary attack. If someone was faking a
lot of different addresses at domain.com trying to send spam them my
server would do callouts trying to verify email addresses and could
cause a lot of collateral traffic.
I personally am vulnerable to this in that I do front end spam filtering
for some domains that get a huge amount of spam. These domains sometimes
have catchall account so that the recipient address can't be verified,
which is something I do first Duplicate requests are cached so as to
reduce sender verifies but if they are faking the from addresses then it
could cause a lot of requests to be generated.
Generally in this situation I have to require a list of good email
addresses and/or elimination of catchall addresses. But that's not pretty.
So - the idea is to somehow limit the number of verify callouts to one
domain. Cached callouts wouldn't could against the total. Only unique
callouts would count and perhaps limit it to some reasonable level. When
the level is hit then Exim would return a defer and that will generally
end a dictionary attack. Good email addresses in cache wouldn't be
affected. Only uncavhed would trigger it.
That's my initial thoughts on this. Anyone else have any ideas?
>
