Am 22.11.2013 10:12, schrieb Alexander Farber: > I run a Drupal 7 website on a CentOS 6.4 server with > postfix-2.6.6-2.2.el6_1.x86_64. > > In the last few months the amount of fake users trying to register at my > website has increased dramatically - I get > 2 or 3 of such registrations per minute. > > Mostly they have fake mail adresses with many dots and at gmail.com > <http://gmail.com>: > > c.ar.eer.t...@gmail.com > all.ego.ry.nl....@gmail.com > b.is.on.bk....@gmail.com > > At the end those users can't register, because a mail confirmation is > required. > > But my mailbox is filled with mail bounces and in the /var/log/maillog I see > my site contacting Gmail servers again > and again
this should be solved on the website and not the MTA * captcha * hidden honeypot field * session token * don't accpet the e-mail address at all problems needs to be solved on the root cause not worked around somewhere else
