Distributed Dictonary email slam
Jared Mauch
jared at puck.nether.net
Mon Sep 6 16:24:02 UTC 2004
On Sun, Sep 05, 2004 at 07:58:06PM -0400, Christopher X. Candreva wrote:
>
> On Sun, 5 Sep 2004, Matt Hess wrote:
>
> > source hosts.. Now being as we are a secondary mx I'm dropping their record
> > out of our email system as I write this, however, I am curious if other have
> > gone through or are currently going through something of this magnitude (12K
> > spam/dictionary msgs per hour destined to one domain and that's just what is
>
> You want to keep a list of valid accounts on the secondary so you can refuse
> mail for non-existing accounts on the secondary too.
>
> If you don't care about yourself -- relize that if, say, all of these mails
> have a return address forged from the same domain, you will be DOSing THAT
> site with the bounce messages. This is enough for some people to block mail
> from you.
does anyone have some pointers to a good (possibly radius+sendmail)
based approach for checking this?
i'd like to have my backup mx host reject mail for non-existant
users/aliases as long as the primary is up, but if it's down, it should
accept them and queue, plus possibly cache misses for a period of time (24h?)
- jared
--
Jared Mauch | pgp key available via finger from jared at puck.nether.net
clue++; | http://puck.nether.net/~jared/ My statements are only mine.
More information about the NANOG
mailing list