[Mimedefang] Dictionary attacks, NDRs etc..
Cahya Wirawan
cwirawan at email.archlab.tuwien.ac.at
Fri Dec 5 07:03:39 EST 2003
On Thu, Dec 04, 2003 at 12:18:22PM -0500, Fred Felgenhauer wrote:
>
> In order to eliminate a large percentage of my mail system overhead from
> dictionary attacks and sending NDRs to non-existant
> domains, I tried to do something about it. I am using
> mimedefang/spamassassin fronting an Exchange 2000 server.
Hi,
I read from http://postfix.state-of-mind.de/patrick.koetter/mailrelay/
that a ldap lookups directly to exchange server is not really
recommended because during dictionary attack there will be
tausend of ldap queries in a minute, and it is like denial of service,
attack and this can have bad impact to exchange server.
but I don't know how valid it is, because I didn't test it yet.
so, does anyone know how the exchange really behaves during the
dictionary/ldap request attack ?
cahya
More information about the MIMEDefang
mailing list