Mail account brute force / harassment
Marc Roos
M.Roos at f1-outsourcing.eu
Thu Apr 11 20:20:18 EEST 2019
>
>> B. With 500GB dump
>> - the owner of the attacking server (probably hacked) will notice it
>> will be forced to take action.
>
>Unlikely. What is very likely is that your ISP shuts you don for
network abuse.
If you not block the request, but allow it, and redirect to a /dev/zero
device that
generates 500GB of messages. How can I ever be accused of network abuse.
Since your logics is not correct on this, how can I assume anything you
write
is correct?
>> If abuse clouds are smart (most are) they would notice that
attacking
>> my servers, will result in the loss of abuse nodes, hence they will
>> not bother me anymore.
>
>Not at all the case.
>
>> If every one would apply strategy B, the abuse problem would get
less.
>
>No. The abuse problem wold be far worse.
>
-----Original Message-----
From: @lbutlr via dovecot [mailto:dovecot at dovecot.org]
Sent: donderdag 11 april 2019 19:11
To: Peter via dovecot
Subject: Re: Mail account brute force / harassment
On 11 Apr 2019, at 04:43, Marc Roos via dovecot <dovecot at dovecot.org>
wrote:
> B. With 500GB dump
> - the owner of the attacking server (probably hacked) will notice it
> will be forced to take action.
Unlikely. What is very likely is that your ISP shuts you don for network
abuse.
> If abuse clouds are smart (most are) they would notice that attacking
> my servers, will result in the loss of abuse nodes, hence they will
> not bother me anymore.
Not at all the case.
> If every one would apply strategy B, the abuse problem would get less.
No. The abuse problem wold be far worse.
--
I thank my lucky stars I'm not superstitious.
More information about the dovecot
mailing list