Re: spambots and dictionary attacks




On 17-nov-2006, at 17:02, rowland onobrauche wrote:


I would like to hear from anyone that has successfully blocked
spambots or dictionary attacks without the need of another server in
between your mailserver and the senders.
The mailserver on my end is exim and it is actually a virtual server,
so i cannot really edit the exim.conf file, but have access to access,
virtusertable, trustedusers and sendmail.cw.

One thing to block about 90% or more of the attempts made by botnets
is preventing they can mail you by logging wrongly used helo's on the mta.

I am running a script on my maillogs daily that is logging every attempt and
stores it, in this situation, in the spamikaze database.

http://spamikaze.is-a-geek.org/~hans/prevent.pl

If the storeip subroutine would be altered you could also log it to a file in a
format that exim uses to block ipnumbers. There is one in the current
spamikaze instance afaik.

http://spamikaze.org/

Best regards,

Hans



Relevant Pages

  • RE: Gradual move to own mail server - strategy for noob
    ... Build a mailserver, set up DNS MX records for your domain. ... New FreeBSD server so far only operating as a Samba server. ... IMAP server on my FreeBSD box (and using Maildir is my instinctive ... Install Procmail to deliver messages in Maildir format (to users' home ...
    (freebsd-questions)
  • Re: Mailserver system (postfix, sendmail or qmail ?)
    ... > I want to set up a mailserver on a FC3 system. ... I have access to a registered web site and its ... To me able to have mail in a mail client as well as via a web browser, ... you would set up an IMAP server on your server machine and let procmail ...
    (Fedora)
  • Re: SMTP smart host authentication fails
    ... As for SMTP, the new address failed because ... there was no IP address for it on the SMTP server. ... You have to configure exim to authenticate itself on port 587 (submission ... You'll come to the auth section. ...
    (Debian-User)
  • Re: Email Security question: Hijacked email !!! was: [opensuse] Vista
    ... First you have to find out which mailserver you have to contact. ... Spammers OTOH usually abuse the server with the highest number. ... (port 25 is the default SMTP port) ... Sending email with telnet on port 25 ...
    (SuSE)
  • Re: HILFE SMTP empfängt tausende Emails
    ... > der Server bedarf regelmäßiger Pflege... ... > problemlos Mails generieren. ... > Zugriff ungleich Relaying. ... Ist der Mailserver von außen auf Port 25 ...
    (microsoft.public.de.inetserver.iis)