Actually, if I'm not mistaken, it would be hundreds, or thousands, of IPs hammering you with unwanted email.
Scott Smith - IT Manager Westside & Detroit Reprographics 248.489.1999 (Office) 248.467.0452 (Cell) [EMAIL PROTECTED] ----- Original Message ----- From: "Nick Hayer" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, April 08, 2004 5:59 PM Subject: Re: [IMail Forum] Are we vulnerable > On 8 Apr 2004 at 16:46, Mark wrote: > > > This is a disturbing story. How can we configure our servers to > > prevent this? > > Turning off the NOBODY alias would be helpful right off. I do not > know a way to dynamically block an IP that hammers you with unwanted > mail but that would be a nice feature.. > > -Nick Hayer > > > > > > Mark > > > > > > It is easy even your granny could do it > > > > By<mailto:[EMAIL PROTECTED]> INQUIRER staff: Thursday 08 April > > 2004, 07:49 EXPERTS IN "computer security" have worked out a simple > > way to knock out any email server. > > > > A team at NGS Software said that the trick involves sending forged > > emails that contain thousands of incorrect addresses in the "copy to" > > fields. > > > > When this package is sent, huge quantities of unwanted email will be > > sent to another mail server. > > > > All it takes is finding a server configured to return an email with > > attachments to each incorrect address. Next you have to forge an email > > so it appears to come from the mail server that is to be the target. > > > > When the forged email, complete with the thousands of incorrect > > addresses is sent, an avalanche of "bounced" messages sent to the > > target server causes it to crash. > > > > According to New Scientist, with one little 10K email, hackers could > > then send 100MB back to a server. > > > > A third of the email servers of all Fortune 500 companies are, it > > appears, open to this kind of attack. If the hacker used an insecure > > email server the attack would be virtually untraceable. Oh great. > > > > > > --- > > [This E-mail scanned for viruses courtesy of Netslyder, > > Inc.(http://www.netslyder.net)] > > > > > > To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html > > List Archive: > > http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge > > Base/FAQ: http://www.ipswitch.com/support/IMail/ > > > > > > To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html > List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ > Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ > To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
