-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Peter H. Lemieux wrote:

> rowland onobrauche wrote:
>
>> I would like to hear from anyone that has successfully blocked
>> spambots or dictionary attacks without the need of another server
>> in between your mailserver and the senders.
>
>
> The only effective solution I've found in these cases is to
> maintain a whitelist of the valid addresses for the domains I
> manage and block the rest. I'm not an exim user, so I can't help
> with details. Luckily most of my clients are small businesses or
> nonprofits with fewer than a hundred employees and fairly limited
> turnover rates. Obviously this isn't easy to implement if you're
> receiving mail for thousands of users, but it is effective.
>
> If all the mail for a domain is routed to a single mailbox, you can
> implement whitelisting with a bunch of procmail rules in the
> mailbox owner's .procmailrc. Something like:
>
> :0 * ^TO.*okaddress1 (at) yourdomain (dot) com [email concealed] $DEFAULT
>
> :0 * ^TO.*okaddress2 (at) yourdomain (dot) com [email concealed] $DEFAULT
>
> [repeat as needed]
>
> :0 * ^TO.*yourdomain.com /dev/null
>
> or replace "/dev/null" with some spam mailbox if you're more
> risk-averse. This has the advantage that you only need privileges
> in the domain owner's account; SMTP-level solutions usually require
> root privileges. See "man procmailrc" and "man procmailex" for
> more details.
>
>
> Peter

Many thanks Peter.
Im familiar with procmail, but im looking for a way of blocking the
connection before the smtp commands have even got to the DATA stage.

rowland
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iD8DBQFFYaMKn71Wg8vs0SURAgznAJoCN7NdDfw1PYqURtgDk+7eqJ29WQCfanBr
I2rsLZEkB/hrSpUIIcf8FeM=
=JZg2
-----END PGP SIGNATURE-----

[ reply ]