[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vps-mail] Access blocking using wildcards

Why is that sort of address deliverable at all? Isn't it easier to simply
eliminate any catchalls?

You could also simply use a procmail recipe to dev/null any email that fits
the pattern.  That wouldn't protect with a true "attack" (because of
continued load on the server), but one email every 5 minutes isn't going to
cause any significant load.

-Abigail

On 11/8/06, Steve Yates <steve@xxxxxxxxxxx> wrote:


        We have one server with a very slow paced, widely distributed
attack, if you call it that, the last several days.  Every 5 minutes or
so there is a connection trying to deliver mail to
"poland___@xxxxxxxxxxx," with random characters in the middle.
Typically an IP is used just a few times.

        It would be nice to just refuse the connection based on the RCPT
TO address, which can be done in Sendmail...except I'd need a wildcard.
That doesn't appear to be possible using the access database
("To:poland*@example.com" etc.)?  Is there a better way?  Would
"To:poland" work?
Main Index | Thread Index
Match: Format: Sort by:
Search: