Experiences with Mail servers
Eric Wagar
eric at deadhookers.org
Mon Dec 6 22:09:38 UTC 2004
> > You advice is well received and the linked HOWTO is excellent. However, I
> > don’t know if I want to move to postfix, is ther eany reason to do this, and
> > if I don’t, what would be different in configuring sendmail to deliver to
> > the dovecot maildir format?
>
> This means that if you suffer a dictionary email attack and you bounce
> mis-addressed email, you could end up with a million outgoing messages
> in your queue.
>
> This might sound far fetched, but I have three domains which receive
> close to 30k emails a day to users who do not exist. Some other mail
> servers, like Courier, look at the addressee of incoming email and do
> not accept the email if the user does not exist.
>
> Can you block the dictionary attack by cutting off the server? Probably
> not this attack since I get no more than 25 pieces from any one host!
> This is a very distributed attack
What about dropping the messages if no such user exists? Is there a way
to do that within Postfix? I wouldn't think that mail would want to be
working in that fashion, but...maybe there's a way?
eric
--
Eric Wagar
eric at deadhookers.org
More information about the redhat-list
mailing list