RE: [vps-mail] Access blocking using wildcards

["Steve Yates" <steve@xxxxxxxxxxx>]

Abigail M <> wrote on Wednesday, November 08, 2006 11:20 PM:

> Why is that sort of address deliverable at all? Isn't it easier to
simply
> eliminate any catchalls? 

	Sorry if I wasn't clear, yes, there is no catchall for that
domain, but the botnet isn't giving up.  Perhaps I'm just wasting my
time and should let the "unknown user" message work.

> You could also simply use a procmail recipe to dev/null any email that
fits
> the pattern.  That wouldn't protect with a true "attack" (because of
> continued load on the server), but one email every 5 minutes isn't
going to
> cause any significant load.   

	Yeah, I know, that's why I haven't really pursued it.  Adding
procmail to the mix would add load to the server.  I just think it's an
odd type of attack, like it's designed to be slow enough no one notices
and distributed enough that it can't be blocked effectively.

 - Steve Yates
 - ITS, Inc.
 - Why is lemon juice mostly artificial ingredients but dishwashing
liquid contains real lemons?

~ Taglines by Taglinator - www.srtware.com ~

========================================================================
This is <vps-mail@xxxxxxxxxxxxx>  <http://groupmail.org/lists/vps-mail/>
Before posting a question, please search the archives (see above URL).