> If they would know the passwords, they would do the job much faster
> with SMTP.

Not at all. The very fact that we've had to debate what David needs to
solve  this  problem  proves  that  they  have chosen a mechanism less
likely  to  have  anti-hijacking already in place. And there's nothing
faster  than  using  a  submission  protocol  which  is not policed as
opposed to one that frequently is....

Submission  over HTTP itself may have some more overhead byte-for-byte
(HTTP headers, etc.), but bots've got plenty of bandwidth for that.

> These Spammers are not so stupid to do everythink by hand, if they
> could just start Outlook express to do the job.

I  agree  that I am skeptical about the literal cut-and-paste concept,
but HTTP is as easily automated as SMTP.

> Which country will be next to be excluded? China? Russia? US?

> If you really want to do it, this should be a job for a firewall.

This  is  a  job for an IPS, not a general country-based firewall ACL.
But  the  IPS  should  ideally  be  "learning"  about  bad traffic and
filtering  based  on  behavior,  not  by  country.  It  could then add
firewall ACLs accordingly.


Sanford Whiteman, Chief Technologist
Broadleaf Systems, a division of
Cypress Integrated Systems, Inc.
e-mail: sa...@cypressintegrated.com

SpamAssassin plugs into Declude!

Defuse Dictionary Attacks: Turn Exchange or IMail mailboxes into IMail Aliases!

To Unsubscribe: http://imailserver.com/support/discussion_list/
List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ: http://imailserver.com/support/kb.html

Reply via email to