|
Incidents
email address probes Feb 05 2003 08:54PM Andy Bastien lists+incidents@yuggoth.net (lists+incidents yuggoth net) (6 replies) Re: email address probes Feb 06 2003 03:07PM Ned Fleming (ned kaw us) (1 replies) Re: email address probes Feb 07 2003 05:16PM Andy Bastien lists+incidents (at) yuggoth (dot) net [email concealed] (lists+incidents yuggoth net) |
|
|
Privacy Statement |
via the virtusers db in /etc/mail:
@whatever.com blackhole
At present the blackhole is a file but it could also be /dev/null
james
> > I'd like to be able to stop these attempts, but I can't think of a way
> > to do it. All of the attempts are coming from valid servers from some
> > domains that we can't block. They do all have null reverse-paths
> > (MAIL FROM:<>), but I don't think that we can reject on this criteria
> > as null reverse-paths are used to send NDRs and other notifications
> > which we don't want to block. I suppose that we could accept the
> > emails and dump them to /dev/null (or to some tarpit account so that
> > we can inspect them) instead of replying with a "550 User unknown,"
> > but I suspect that this could cause us more headaches in the future.
------------------------------------------------------------------------
----
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
[ reply ]