Re: [exim] Rate limiting on Sender Verify

Top Page
This message is part of the following thread:
M\the complete thread tree sorted by date
MMMarc Perkel at <-
MMMarc Perkel at ->
Delete this message
Reply to this message
Author: Chris Edwards
Date:  
To: exim-users
Subject: Re: [exim] Rate limiting on Sender Verify
On Tue, 17 Oct 2006, Marc Perkel wrote:

| Ok - I'm changing the subject line here to fork this topic. The issue is
| sender verification during a dictionary attack. If someone was faking a
| lot of different addresses at domain.com trying to send spam them my
| server would do callouts trying to verify email addresses and could
| cause a lot of collateral traffic.

Rate-limiting callouts based on the sender domain only helps in the
special case where a spammer is repeatedly using one domain for multiple
attempts on your server.

But surely most of the spam you receive has sender addresses in different
faked domains (not just different localparts at a single "domain.com").

So you'll still be emit a lot of collateral traffic.


This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-[exim] Rate limiting on Sender VerifyRe: [exim] Rate limiting on Sender Verify->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)