[Mimedefang] Dictionary attacks, NDRs etc..

Fred Felgenhauer fred at fredf.com
Fri Dec 5 12:24:30 EST 2003


> You should be doing your test in filter_recipient; if you reject a
> recipient there, it won't get added to @Recipients, the sender will
> get a 5XX code, and you may even reduce the number of recipients to
> 1 (which will let you avoid streaming) or 0 (which will skip all
> the content-filtering.)

> Regards,

> David.

I admit I have not read the RFC dealing with the above, but
in the above we are telling the spammer which addresses are good
and which are bad?

This is a serious security breach. If I were a spammer I could write
a program to mine all good addresses using the same process.

Would it not be better to do the LDAP lookup and simply remove
the recipient in @Recipients and not give the spammer any idea
which addresses are good or bad?

It may violate an RFC, but aren't we in a "War against SPAM"?
Maybe the RFC needs to be re-written. SPAM was not an issue
then like it is now, I would think.
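The approach the quoted reply recommends, written out as an added example (this is not code from the post or from the MIMEDefang project): a filter_recipient hook that vets each RCPT TO address against a recipient directory before any message content is read, and answers unknown local users with a 5XX at RCPT time. The %ValidRecipients hash, the example.com domain and the sample RCPT TO arguments are constructed stand-ins for the LDAP lookup discussed in the thread. Because the message body is never accepted, nothing has to be bounced later; the trade-off the post raises is also visible here, since the connecting client is told which addresses exist and which do not, which is why this check is usually paired with a limit on how many unknown-recipient rejections one client may collect.

```perl
#!/usr/bin/perl
# Added example of a MIMEDefang filter_recipient hook. Not taken from the
# list post or from mimedefang-filter; the directory and addresses are
# constructed stand-ins for a real LDAP lookup.
use strict;
use warnings;

# Constructed stand-in for the LDAP directory: addresses this MTA accepts
# for its own domain. Assumption: a real filter replaces this with an
# LDAP (ideally cached) query.
my %ValidRecipients = map { $_ => 1 } qw(
    alice@example.com
    bob@example.com
    postmaster@example.com
);
my $LocalDomain = 'example.com';

# Normalise the RCPT TO argument sendmail hands us: strip <>, lowercase.
sub canonical_address {
    my ($addr) = @_;
    $addr =~ s/^<//;
    $addr =~ s/>$//;
    return lc $addr;
}

# Stand-in for the directory lookup (assumption: swap in the real LDAP call).
sub recipient_exists {
    my ($addr) = @_;
    return exists $ValidRecipients{$addr};
}

# MIMEDefang calls this once per RCPT TO, before DATA, so a REJECT here
# means the message body is never read and nothing is queued or bounced.
sub filter_recipient {
    my ($recipient, $sender, $ip, $hostname, $first, $helo,
        $rcpt_mailer, $rcpt_host, $rcpt_addr) = @_;

    my $addr = canonical_address($recipient);
    my ($local, $domain) = split /\@/, $addr, 2;

    # Only vet addresses in our own domain; relaying policy stays in sendmail.
    return ('CONTINUE', 'ok') unless defined $domain && $domain eq $LocalDomain;

    # Unknown local user: permanent failure at RCPT time (the 5XX the
    # quoted reply refers to). This does disclose that the address is invalid.
    return ('REJECT', 'User unknown') unless recipient_exists($addr);

    return ('CONTINUE', 'ok');
}

# When run directly (not loaded by MIMEDefang), exercise the hook with a
# constructed RCPT TO sequence: one valid local user, one unknown local
# user, and one address outside our domain.
unless (caller) {
    for my $rcpt (qw(<alice@example.com> <zzz@example.com> <someone@elsewhere.org>)) {
        my ($code, $msg) = filter_recipient(
            $rcpt, '<sender@remote.net>', '192.0.2.10', 'mail.remote.net',
            $rcpt, 'remote.net', 'local', 'example.com', $rcpt,
        );
        print "$rcpt -> $code ($msg)\n";
    }
}

1;
```

Loaded as part of a filter, only filter_recipient is used; the block under `unless (caller)` exists so the hook can be tried from the command line with `perl` before it is wired into mimedefang-filter. The alternative the post proposes, accepting every RCPT TO and then dropping unknown addresses from @Recipients in filter_begin, gives the client no per-address answer, at the cost of accepting and discarding mail that this version would have refused before DATA.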