On 8 Apr 2004 at 16:46, Mark wrote: > This is a disturbing story. How can we configure our servers to > prevent this?
Turning off the NOBODY alias would be helpful right off. I do not know a way to dynamically block an IP that hammers you with unwanted mail but that would be a nice feature.. -Nick Hayer > Mark > > > It is easy even your granny could do it > > By<mailto:[EMAIL PROTECTED]> INQUIRER staff: Thursday 08 April > 2004, 07:49 EXPERTS IN "computer security" have worked out a simple > way to knock out any email server. > > A team at NGS Software said that the trick involves sending forged > emails that contain thousands of incorrect addresses in the "copy to" > fields. > > When this package is sent, huge quantities of unwanted email will be > sent to another mail server. > > All it takes is finding a server configured to return an email with > attachments to each incorrect address. Next you have to forge an email > so it appears to come from the mail server that is to be the target. > > When the forged email, complete with the thousands of incorrect > addresses is sent, an avalanche of "bounced" messages sent to the > target server causes it to crash. > > According to New Scientist, with one little 10K email, hackers could > then send 100MB back to a server. > > A third of the email servers of all Fortune 500 companies are, it > appears, open to this kind of attack. If the hacker used an insecure > email server the attack would be virtually untraceable. Oh great. > > > --- > [This E-mail scanned for viruses courtesy of Netslyder, > Inc.(http://www.netslyder.net)] > > > To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html > List Archive: > http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge > Base/FAQ: http://www.ipswitch.com/support/IMail/ > To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
