[Mimedefang] Blocking Dictionary Attacks

Matt Garretson mattg at assembly.state.ny.us
Fri Jun 5 09:49:46 EDT 2009

afo cliff wrote:
> That's a great idea!  I tried it but no matter what I do, sendmail is
> letting everything through.  Virtusertable is configured correctly in
> sendmail.mc, also did the appropriate makemap.  I think something has
> changed in sendmail (I have 8.13.8).  I've searched the world over 10
> times and tried many different combinations in virtusertable &
> mailertable and no matter what it relays everything. 

I push all valid internal addresses out to my inbound MX's virtusertable,
and it does reject invalid ones at RCPT.  So it's possible.  Not as
glamorous as using LDAP or something else, but it works.  Depending on 
how you have things set up, you might need to have one or more virtuser 
entries that map @yourdomain to a 550 error.  This is documented on
the sendmail web site.

Also, with sendmail you can define confBAD_RCPT_THROTTLE in your
mc file to slow down dictionary attacks.  Of course you have to
configure it to reject the bad addresses first.


More information about the MIMEDefang mailing list