>we use the webshield. and i like it.
>what were the security concersn ?
If you are using WebShield, you need to make sure that all domains that you
accept mail for are listed twice, once with the actual name, and once with
the name with a "." after it. For example, if your domain is "example.com"
and you also accept mail for "mail.example.com", you would need 4
entries: "example.com", "mail.example.com", "example.com." and
"mail.example.com.".
The problem is that if you don't have the extra entries, someone could send
mail to "[EMAIL PROTECTED]". Most mail and DNS software will accept this
format (it is technically a correct format), but WebShield will think that
the E-mail is not destined for a local user. So, it will do an MX lookup
of "example.com.", which points to itself. So it will then send itself the
E-mail. When it receives the E-mail, it thinks it isn't local, so it does
the MX lookup, and continues in a loop. The file keeps getting bigger as
more Received: headers are added, and continues to eat up disk space, CPU
time, and bandwidth until finally the server can't take it anymore.
McAfee is aware of this, but when I informed them of the problem, they
chose not to fix it, since adding the extra "example.com." entry will take
care of the problem.
-Scott
---
Declude: Anti-virus, Anti-spam and Anti-hijacking solutions for
IMail. http://www.declude.com
Please visit http://www.ipswitch.com/support/mailing-lists.html
to be removed from this list.
An Archive of this list is available at:
http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
