[Mimedefang] Blocking Dictionary Attacks

Les Mikesell les at futuresource.com
Mon Jun 8 16:48:04 EDT 2009


Jason Bertoch wrote:
>> -----Original Message-----
>> From: mimedefang-bounces at lists.roaringpenguin.com [mailto:mimedefang-
>> bounces at lists.roaringpenguin.com] On Behalf Of Les Mikesell
>> Sent: Monday, June 08, 2009 10:44 AM
>> To: mimedefang at lists.roaringpenguin.com
>> Subject: Re: [Mimedefang] Blocking Dictionary Attacks
>>
>> Matt Garretson wrote:
>>> afo cliff wrote:
>>>> @mydomain.com bitbucket
>>>
>>> You can also do something like this in your virtusertable:
>>>
>>> @mydomain.com  error:5.1.1:550 User unknown
>>>
>>> Then, you won't need the bitbucket alias.
>>> See http://www.sendmail.org/m4/features.html
>> Yes, that approach will be much faster - sendmail will reject
>> everything
>> early unless it has a valid recipient and it won't have to go through
>> the mimedefang spam/virus scan.
>>
> 
> I seem to recall that enabling FEATURE(delay_checks) was recommended as part
> of the MIMEDefang setup.  It does provide much more useful logs, but I
> believe it also means that milters are run before virtuser rejects.

I thought it would only delay until after RCPT TO: (so you'd run 
filter_relay, filter_sender, filter_recipient functions in mimedefang if 
you have them) but still before DATA where the heavy lifting is done.

-- 
   Les Mikesell
    lesmikesell at gmail.com





More information about the MIMEDefang mailing list