(FAQ) MDaemon 11: How can I configure MDaemon to stop spammers who want to hold connections open?
How can I configure MDaemon to stop spammers who want to hold connections open?
On occasion, malicious senders like spammers can try to abuse the RSET SMTP command (which resets the message-sending process back to the beginning) in an attempt to try and send their message, usually to figure out a valid email address on the server.
MDaemon 11 introduced some new features to limit the number of RSET and RCPT commands senders can give, and close out the connection if it exceeds that limit. You may also ban connections that give too many failed RCPT commands in one session, or too many RSET commands.
To enable the new limits and close out connections if they're exceeded, follow these steps:
- Click the Setup menu
- Click Default Domain / Servers...
- Click Servers in the left pane
- Under ... allows this many RCPT commands or ... allows this many RSET commands, input the desired limit
- Enable Close session if you wish MDaemon to close the connection if this limit is reached
- Click OK
To enable the new Dynamic Screen options to ban connections that exceed a certain amount of RSET or RCPT commands, follow these steps:
- Click on the Security menu
- Click Security Settings
- Click Dynamic Screen in the left pane, under Screening
- Add the desired amount of RSET commands (or failed RCPT commands) allowed under Ban IP that cause this many failed RCPTs in an SMTP session and Ban IPs that issue this many RSETs in an SMTP session, respectively
- Click OK
By default, MDaemon will accept an unlimited amount of RSET commands per session before it's banned, and a maximum of 3 failed RCPT commands.