[Mimedefang] Blocking Dictionary Attacks
David F. Skoll
dfs at roaringpenguin.com
Thu Jun 4 17:38:06 EDT 2009
afo cliff wrote:
> I need to have a way to stop dictionary attacks ... unless there is a
> better way I was going to extract the TO address and discard the email
> in mimedefang-filter if the user did not exist when compared against a
> database table of valid users. I'd be interested to know the
> preferred way to handle this.
[Shameless Plug] Our commercial CanIt software has a dictionary-attack
detector built in that firewalls off hosts that send to too many invalid
We detect valid recipients in a variety of ways (depending on the setup)
including SMTP call-forwards, LDAP, etc.
More information about the MIMEDefang