> What is your connection between IIS and IMail?  Are you using a version of
> IMail that uses IIS (ie:2006 or later)?

Pretty  clear  that  he is, no? Otherwise there would be no reason for
the  post,  since  he  would  have  more  ownership over the code that
generates the mail.

> We  have  been  using  Declude  Hijack  for many years with IMail to
> detect  and stop these kinds of attacks. It has the weakness that it
> is  IP  based, so (a) if a well-distributed attack were to occur, it
> would  not  detect  it; and (b) if a lot of legit mail comes from an
> individual  server,  you  have to set the detection limits very high
> for  the  server's  IP.  But  on  the  whole,  it has been extremely
> effective for us.

Nothing  against  Hijack, which I have used as well, but it is not the
right tool for stopping hijacking that is initiated over HTTP.


Sanford Whiteman, Chief Technologist
Broadleaf Systems, a division of
Cypress Integrated Systems, Inc.
e-mail: sa...@cypressintegrated.com

SpamAssassin plugs into Declude!

Defuse Dictionary Attacks: Turn Exchange or IMail mailboxes into IMail Aliases!

To Unsubscribe: http://imailserver.com/support/discussion_list/
List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ: http://imailserver.com/support/kb.html

Reply via email to