[Dshield] Protection against spammer dictionary attacks

Al Reust areust at comcast.net
Tue Oct 7 16:21:23 GMT 2003

Hello ronnin

The level of the message was sent to Administrators to help protect the 
email server. While you did not say you were an Email User, I suspect that 
is the case. In that case you have to do nothing, but hope your ISP employs 
what was "described" or the same intent in some other fashion.

So these are settings applied to "Mail Servers," not mail clients (Outlook 

So if you would like a better idea stroll through Barnes and Noble or your 
favorite book store and look for O'Reilly Sendmail and/or the Exchange 
Administrators Guide. Please Do Not buy the Book's, You Do Not need them. 
Peruse the pages for a few moments, look in the index in the back for MTA 
(Message Transfer Agent) settings.



At 06:35 PM 10/6/2003 -0700, you wrote:
>hi  i have problems understanding how to accomplish the things you say to 
>do...would it be possible to out line steps to follow in amanner that a 
>neophyte  like me can understand.  iwould really appreciate any help i can 
>get..    thanx,    cyrilwilliams at msn.com...............
>   ----- Original Message -----
>   From: Jon R. Kibler
>   To: list at dshield.org
>   Sent: Sunday, October 05, 2003 12:16 PM
>   Subject: [Dshield] Protection against spammer dictionary attacks
>   We have seen a big jump in the number of dictionary attacks against our 
> mail system in the past few days. I don't know if it is just the domains 
> we manage, or whether it is more widespread. However, I thought I would 
> pass on a schema that we use to limit the impact of such attacks. These 
> options are specific to sendmail, but most MTAs have similar 
> configuration options.
>   These attacks typically try to send to 10 to 50 recipients per 
> envelope. Our strategy is two-fold:
>      1) Slow down the rate at which the spammer can attempt to harvest 
> addresses.
>      2) Clog up the spammer's queue and/or confuse their address 
> harvester program.

>   Anyway, just some thoughts on protecting yourself against one form of 
> email address harvesting. Hope someone finds them useful.
>   Jon R. Kibler
>   Chief Technical Officer
>   A.S.E.T., Inc.
>   Charleston, SC  USA
>   (843) 849-8214
>   ==================================================
>   Filtered by: TRUSTEM.COM's Email Filtering Service
>   http://www.trustem.com/
>   No Spam. No Viruses. Just Good Clean Email.

More information about the list mailing list