[Mimedefang] Back into the loop...
David F. Skoll
dfs at roaringpenguin.com
Tue Oct 24 19:34:15 EDT 2006
Philip Prindeville wrote:
> HELO localhost.localdomain
> from 192.150.1.3, then it will reject that the session... with a 5xx
> message... and will also blacklist incoming connections from that
> site for the next 4 hours... If another connection comes in from
> that address during that 4 hour period, maybe double or quadruple
> the wait period.

I do a similar thing, but I feed data into a Perl script that plays with
my iptables rules. Obviously, to fiddle with iptables rules requires
root privileges, hence the separate script.

> One other thing I wasn't sure about doing, was adding "simultaneity"
> locking as well. That is, blacklisting additional connections from
> the same site during the duration of a connection. Most legitimate
> MTAs will open a single connection per site, and then spool
> multiple messages over a single connection.

Sendmail 8.13 can do all of that (and more) with its "conncontrol" and
"ratecontrol" features.

[...]

> I've been wondering about coming up with a standardized format
> for tests,

This is explicitly *not* a goal of MIMEDefang. My belief is that in
order to combat current and future e-mail threats, you need a proper
programming language, and Perl is about as good as any. In my
opinion, going to something like XML would be a massive step backward.

[... rest elided - I have no comments on it ...]

Regards,

David.
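
Added example, not part of the original message and not the script David describes: the escalating temporary ban discussed in this thread (4 hours, doubled on each repeat during the ban), with the firewall command built as an argument list so the privileged helper never passes filter data through a shell. The chain name `SMTP_BAN`, the one-week cap and the sample events are assumptions made for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;

my $BASE_BAN = 4 * 3600;        # 4 hours, the period proposed in the thread
my $MAX_BAN  = 7 * 24 * 3600;   # assumed cap so doubling cannot grow without bound
my %ban;                        # ip => { until => epoch, length => seconds }

# Record an offence seen at $now; return the ban length applied.
sub record_offence {
    my ($ip, $now) = @_;
    my $len = $BASE_BAN;
    my $e   = $ban{$ip};
    if ($e && $now < $e->{until}) {      # repeat while still banned: double it
        $len = $e->{length} * 2;
        $len = $MAX_BAN if $len > $MAX_BAN;
    }
    $ban{$ip} = { until => $now + $len, length => $len };
    return $len;
}

# Remove expired entries; return the addresses that were released.
sub expire {
    my ($now) = @_;
    my @gone = grep { $ban{$_}{until} <= $now } sort keys %ban;
    delete @ban{@gone};
    return @gone;
}

# Build (not run) the iptables argument list, for list-form system() in the
# root helper. Anything that is not a dotted quad is refused.
sub iptables_cmd {
    my ($action, $ip) = @_;              # 'A' = append rule, 'D' = delete rule
    die "bad action\n" unless $action =~ /\A[AD]\z/;
    my @o = $ip =~ /\A(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})\z/
        or die "bad address\n";
    die "bad address\n" if grep { $_ > 255 } @o;
    return ('iptables', "-$action", 'SMTP_BAN', '-s', $ip, '-j', 'DROP');
}

# Constructed sample feed: [epoch seconds, client IP] for rejected sessions.
my @events = ([0, '192.150.1.3'], [3600, '192.150.1.3'],
              [7200, '192.150.1.3'], [90000, '192.150.1.3']);
for my $ev (@events) {
    my ($t, $ip) = @$ev;
    print 'unban: ', join(' ', iptables_cmd('D', $_)), "\n" for expire($t);
    my $known = exists $ban{$ip};        # a rule is already in place if known
    my $len   = record_offence($ip, $t);
    print "t=$t ban $ip for ${len}s\n";
    print 'ban:   ', join(' ', iptables_cmd('A', $ip)), "\n" unless $known;
}
```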