[Mimedefang] dictionary attacks looking for a valid user
David F. Skoll
dfs at roaringpenguin.com
Thu Dec 15 23:26:08 EST 2005
Paul Whittney wrote:
> I've been thinking about that, but it was more for a realtime iptables,
> or realtime email monitoring for stats that doesn't involve "tail the
> whole log", or "open log every 5 minutes".
"tail -F" works well, and is close enough to real-time that the delay
> Perhaps this can be used here;
> syslog to a pipe, open the pipe in a process as read/write (doesn't stop
> the reading when logrotate and friends move the files,
GNU tail's "-F" option to the rescue! :-)
> Also, doesn't sendmail cope with rcpt/connection flooding?
More information about the MIMEDefang