Stan Hoeppner:
> Yes, as always. I've simply been looking at this from the premise that
> our countermeasures which stop spam connections before the RCPT TO stage
> will also stop dictionary attacks before the RCPT TO stage since such
> attacks typically come from the same types of sources. ...
Some people record the sender and recipient, for the case when (not
if) the countermeasures have the unavoidable false positive.
> "smtpd_delay_reject = yes" doesn't cause a user lookup for each
> connection does it? Doesn't this merely log the RCPT TO address without
> looking it up?
As documented, smtpd_delay_reject changes the timing. It does
not promise anything else.
Wietse
