[Mimedefang] Blocking Dictionary Attacks
Matt Garretson
mattg at assembly.state.ny.us
Thu Jun 11 10:23:33 EDT 2009
Petra Humann wrote:
> Do you know the sendmail badrcpt_shutdown patch?
> http://www.jmaimon.com/sendmail/
>
> After an defined number of bad recipients the SMTP session terminates:
> "Possible SMTP RCPT flood, shutting down connection."
I hadn't heard about that patch. But even without the patch,
you can do basically the same things. I have this in my
sendmail.mc:
define(`confBAD_RCPT_THROTTLE',`5')dnl
[...]
LOCAL_RULESETS
Scheck_data
# Reject if lots of bad addresses:
R $* $: $&{nbadrcpts}
R $+ $: $(arith l $@ $1 $@ 8 $)
R FALSE $# error $@ 5.1.2 $: "553 Too many bad recipients"
I guess this is getting a bit off-topic, though.
-Matt
More information about the MIMEDefang
mailing list