[Mimedefang] MIMEDefang 2.72 is Released
Philip Prindeville
philipp_subx at redfish-solutions.com
Wed Oct 19 16:24:09 EDT 2011
On 9/26/11 3:59 AM, David F. Skoll wrote:
> On Sun, 25 Sep 2011 23:27:39 -0700
> Philip Prindeville <philipp_subx at redfish-solutions.com> wrote:
>
>> It's been 2.5 years that we've been talking about how this feature
>> needs to be implemented. Actually, it might be 3 already. I've lost
>> track.
>
>> Is it ever going to happen?
>
> Probably not, since no-one else has asked for it. And I would rather
> spend time on features lots of people want or features that
> customers are paying for.
One other note: I've dealt with ISP's that are less than diligent in pursuing SPAM (or SMTP DoS attack) complaints, and one of the requirements that they often call out as an obstacle to any investigation is a need to have the *source* port, source address, *destination port*, destination address (presumably because of SNATing) before they will investigate. One could argue it should be their responsibility to log such mappings, but that's a moot point: you can't make them do the right thing.
Why make it easier for them to bury their head in the sand?
We generate logs that look like:
Oct 19 14:11:05 mail mimedefang.pl[13275]: relay: [218.95.114.71] 218.95.114.71:3049 => 66.232.79.143:25
Oct 19 14:11:05 mail mimedefang.pl[13275]: filter_relay rejected host 218.95.114.71 ([218.95.114.71])
Oct 19 14:11:05 mail sendmail[13302]: p9JKB5vT013302: Milter: connect: host=71.114.95.218.broad.ja.jx.dynamic.163data.com.cn, addr=218.95.114.71, rejecting commands
and they absolutely can't hide behind any allegation of us failing to provide complete and concise logs.
(We run service on ports 25, 465, and 587 by the way and regularly see DoS attacks on all 3 ports.)
More information about the MIMEDefang
mailing list