On Mon, 19 Aug 2013, David F. Skoll wrote:
On Mon, 19 Aug 2013 08:36:14 -0700 (PDT)
John Hardin wrote:
[...]
In addition, tarpitting is at least partly intended to help *others*,
by getting the attacker stuck before it moves on to the next target.
OK; I guess it's just a difference in mind
On Mon, 19 Aug 2013 08:36:14 -0700 (PDT)
John Hardin wrote:
[...]
> In addition, tarpitting is at least partly intended to help *others*,
> by getting the attacker stuck before it moves on to the next target.
OK; I guess it's just a difference in mindset. I approach the problem
with the follow
On Mon, 19 Aug 2013, David F. Skoll wrote:
On Mon, 19 Aug 2013 07:52:15 -0700 (PDT)
John Hardin wrote:
Have you considered TCP Tarpitting instead of just blocking them?
Blocking them doesn't actually *punish* them. Getting their MTAs
*stuck* for hours or days does.
IMO, tarpitting is usele
>It seems to me that greylisting and TCP tarpitting catch both sides of the
>problem. Greylisting blocks junk from the single-attempt zombies, and TCP
>tarpitting will catch the ones who are persistent offenders.
Maybe, probably not. Modern MTAs, even the ones that are not
spambots, can run hun
On 8/19/2013 7:31 AM, John Hardin wrote:
On Sun, 18 Aug 2013, Len Conrad wrote:
Came up with a cool trick that seems to be working well after
running for several months.
I do the same by harvesting the IPs that fail SMTP AUTH a number of
times, and then if more than a number of IPs in a Cla
On Mon, 19 Aug 2013 07:52:15 -0700 (PDT)
John Hardin wrote:
> >> Have you considered TCP Tarpitting instead of just blocking them?
> >> Blocking them doesn't actually *punish* them. Getting their MTAs
> >> *stuck* for hours or days does.
> > IMO, tarpitting is useless. When you have hundreds, t
On Mon, 19 Aug 2013, David F. Skoll wrote:
On Mon, 19 Aug 2013 07:31:33 -0700 (PDT)
John Hardin wrote:
Have you considered TCP Tarpitting instead of just blocking them?
Blocking them doesn't actually *punish* them. Getting their MTAs
*stuck* for hours or days does.
IMO, tarpitting is use
On Mon, 19 Aug 2013 07:31:33 -0700 (PDT)
John Hardin wrote:
> Have you considered TCP Tarpitting instead of just blocking them?
> Blocking them doesn't actually *punish* them. Getting their MTAs
> *stuck* for hours or days does.
IMO, tarpitting is useless. When you have hundreds, thousands or
On Sun, 18 Aug 2013, Len Conrad wrote:
Came up with a cool trick that seems to be working well after running for
several months.
I do the same by harvesting the IPs that fail SMTP AUTH a number of
times, and then if more than a number of IPs in a ClassC, I block the
entire ClassC.
I do th
>Came up with a cool trick that seems to be working well after running for
>several months.
I do the same by harvesting the IPs that fail SMTP AUTH a number of times, and
then if more than a number of IPs in a ClassC, I block the entire ClassC.
I don't care about the body of the msgs they AUTH
On 8/18/2013 4:34 PM, Alex wrote:
Hi,
Came up with a cool trick that seems to be working well after
running for several months.
I have several servers that are used for spam filtering and no
authenticated connections for sending email. However I advertise
that I have authen
Hi,
Came up with a cool trick that seems to be working well after running for
> several months.
>
> I have several servers that are used for spam filtering and no
> authenticated connections for sending email. However I advertise that I
> have authentication just to attract those who would try to
Came up with a cool trick that seems to be working well after running
for several months.
I have several servers that are used for spam filtering and no
authenticated connections for sending email. However I advertise that I
have authentication just to attract those who would try to hack
pass
13 matches
Mail list logo
