Steven Jones wrote:
Our site is being constantly "hit" by spammers using bruteforce tactics looking for valid users. At present our servers bounce with "no valid user" is this the best tactic? or is it simply better to stop such bounce msgs? while polite, spammers are taking the p*ss....
I've not yet explored how to do it, but I quite like the idea of blocking connexions from anyone trying my spambait addresses below (yes, they are turning up in my logs).
For that to be properly effective it also needs to be done on all your MXes too.
I don't see that it's important to block then for long - maybe an hour or so, but experience might show otherwise.
Ditto these folk:Aug 5 12:28:01 fw kernel: Shorewall:net2all:DROP:IN=ppp0 OUT= MAC= SRC=219.150.118.21 DST=220.235.62.65 LEN=1489 TOS=0x00 PREC=0xE0 TTL=103 ID=31886 PROTO=UDP SPT=25018 DPT=1026 LEN=1469
-- Cheers John -- spambait 1aaaaaaa@computerdatasafe.com.au Z1aaaaaaa@computerdatasafe.com.au Tourist pics http://portgeographe.environmentaldisasters.cds.merseine.nu/