afo cliff wrote:

> I need to have a way to stop dictionary attacks ... unless there is a
> better way I was going to extract the TO address and discard the email
> in mimedefang-filter if the user did not exist when compared against a
> database table of valid users.  I'd be interested to know the
> preferred way to handle this.

[Shameless Plug] Our commercial CanIt software has a dictionary-attack
detector built in that firewalls off hosts that send to too many invalid
recipients.

We detect valid recipients in a variety of ways (depending on the setup)
including SMTP call-forwards, LDAP, etc.

Regards,

David.
_______________________________________________
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID.  You may ignore it.

Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list MIMEDefang@list...
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang