John Summerfield wrote: > I've not yet explored how to do it, but I quite like the idea of > blocking connexions from anyone trying my spambait addresses below (yes, > they are turning up in my logs).
For a while I thought about blocking connections from dictionary spammers
and spammers that constantly hit my box. But then I decided to go a different
route. My machine processes maybe 500 legitimate messages a day. The chances
of my inbound connections (set to 10) being all hit at the same time is pretty
darn remote. Even so they won't be tied up for all that long. So instead I
just had my machine consider, carefully, any reject message it gives on
certain behaviors. Send to a bad address at my machine, it'll check for the
address and let you know what it finds in 20s. After 20 of them it'll decide
you dunno whom you're looking for and tell ya to shoo. 20 * 20s = 400s or just
shy of 7 minutes. If a dictionary spammer wants to tie up one of his
connections for 7 minutes to attempt 20 bad addresses at my machine who am I
to discourage him? :D
--
Steve C. Lamb | I'm your priest, I'm your shrink, I'm your
PGP Key: 8B6E99C5 | main connection to the switchboard of souls.
-------------------------------+---------------------------------------------
signature.asc
Description: OpenPGP digital signature
