1) you can set up a nobody alias and the dictionary attacks will
    diminish or even cease.  By the way the largest single session I
    recorded had more than 2,000 recipients.

    a) the downside is that spam will increase
b) nobody aliases will allow attackers to consume tons of your WAN link bandwidth, your Imail machine's resources accepting/storing/logging these crap msgs, and fill your disk with GB of crap in a very short time, giving you hours of work to clean it up, and then defrag your heavily accessed/deleted mailbox partition.

c) so don't do it

2) Roger Heath reported good results with Black Ice Server
There is a fairly mature packet filter for win32 based on ipfilter for *BSD that is probably more efficient than other approaches, esp Imail access list, when you get to 1000's of rules and efficiency really counts. The rules are in text files, not in some non-text or registry.

3) You can block addresses using the access list but I for one gave
   this up as a lost cause
This can work well for certain types of attacks, esp from fixed IP, but of course is much more difficult when from 1000's of IPs, where the packet filter has to be efficient to keep up. The best defense is on a machine upstream from the mailbox server.

4) You can employ an IMGATE solution and kill the attacks at a low
   rejected recipient rate

After considerable effort and programming I chose Number 1.
bzzzzt. wrong answer!  :)))

Len
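
An added illustration of option 4 above, not part of the original message and not IMGate's or IMail's own code: it counts rejected recipients per SMTP session and flags the client once a low limit is reached. The log format, the `analyze` function and the `reject_limit` value are assumptions made for this example.

```python
import re
from collections import defaultdict

# Constructed sample log in a made-up format (not IMail or IMGate output):
# timestamp, session id, client IP, SMTP verb, recipient, reply code.
SAMPLE_LOG = """\
10:00:01 s1 192.0.2.10 RCPT alice@example.com 250
10:00:02 s2 198.51.100.7 RCPT aaron@example.com 550
10:00:02 s2 198.51.100.7 RCPT abby@example.com 550
10:00:03 s2 198.51.100.7 RCPT alice@example.com 250
10:00:03 s2 198.51.100.7 RCPT adam@example.com 550
10:00:04 s2 198.51.100.7 RCPT al@example.com 550
10:00:05 s3 203.0.113.5 RCPT bob@example.com 250
10:00:06 s3 203.0.113.5 RCPT bobb@example.com 550
"""

LINE_RE = re.compile(r"^(\S+) (\S+) (\S+) RCPT (\S+) (\d{3})$")

def analyze(log_text, reject_limit=3):
    """Return per-session stats and the client IPs that hit reject_limit.

    A session is marked as cut when its count of 5xx RCPT replies reaches
    reject_limit. RCPT lines after that point are counted as 'saved':
    probes the server would not have processed had it dropped the
    connection at the limit.
    """
    sessions = defaultdict(lambda: {"ip": None, "rejected": 0, "accepted": 0,
                                    "cut_at": None, "saved": 0})
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # ignore anything that is not a RCPT record
        ts, sid, ip, _rcpt, code = m.groups()
        s = sessions[sid]
        s["ip"] = ip
        if s["cut_at"] is not None:
            s["saved"] += 1
            continue
        if code.startswith("5"):
            s["rejected"] += 1
            if s["rejected"] >= reject_limit:
                s["cut_at"] = ts
        else:
            s["accepted"] += 1
    flagged = sorted({s["ip"] for s in sessions.values() if s["cut_at"]})
    return dict(sessions), flagged
```

A session with a single mistyped address (s3 in the sample) stays under the limit, while the probing session is cut after its third rejection.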


