Ok so I removed the 3 IP addresses for those 3 virtual hosts and now the spool is calm again, but at some point im going to need to put them back in there obviously.
Whats the deal with this? Anyone know? -----Original Message----- From: Sanford Whiteman [mailto:[EMAIL PROTECTED] Sent: Tuesday, August 26, 2003 2:30 AM To: Chandni D Subject: Re[3]: [IMail Forum] Sorry to be a conspiracy theorist. > The possibilty of "spoofing" sounds scary. It would be, yes. > Is there something like that, and if yes, how does one prevent > oneself from it? Sure, there's a lot like it in the hardcore hacking world. However, it's extremely difficult to generate spoofed packets without full root access, let alone routing them; most midrange firewalls and routers already have anti-spoofing capability; and the likelihood of being able to conduct a distributed spam barrage from spoofed addresses, meaning extensive bidirectional communication between many clients and many mail servers, is very, very, very low. (Ownership of intervening machines would make the job easier, but this would represent compromise of a colossal scale, front-page news in itself.) For these reasons and more, I'd ask for a long, hard, and objective look at all available logs before anybody suggests that this method has actually been used "in the wild" to transmit spam. Example #1 of what can look like IP spoofing before that long look: a non-IMail service was hacked on your IMail server and is transmitting from and to the server IP. Example #2: a non-IMail service was hacked on another server on your internal subnet. Example #3: a non-Imail service was hacked on one of your customers' trusted networks. And on and on and on... -Sandy ------------------------------------ Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: [EMAIL PROTECTED] ------------------------------------ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ -- This message has been scanned for viruses and dangerous content by eNET's virus protection center, and is believed to be clean. http://www.ee.net To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
