On 8 Apr 2004 at 18:12, Scott Smith wrote: > Actually, if I'm not mistaken, it would be hundreds, or thousands, of > IPs hammering you with unwanted email. A daily occurance...
I believe Mark was referring to a single server doing a joe job hense my comment of dynamically block an "IP"; for clarification - dynamically block multiple ip's once a certain threshold over time of unwanted emails arrives. Configurable X time and X amount. If w/DJM then by time and X weight. The latter is kinda a 'blend' of DJM and DHijack. [non-existent but would be neat] -Nick Hayer > > Scott Smith - IT Manager > Westside & Detroit Reprographics > 248.489.1999 (Office) > 248.467.0452 (Cell) > [EMAIL PROTECTED] > > ----- Original Message ----- > From: "Nick Hayer" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Thursday, April 08, 2004 5:59 PM > Subject: Re: [IMail Forum] Are we vulnerable > > > > On 8 Apr 2004 at 16:46, Mark wrote: > > > > > This is a disturbing story. How can we configure our servers to > > > prevent this? > > > > Turning off the NOBODY alias would be helpful right off. I do not > > know a way to dynamically block an IP that hammers you with unwanted > > mail but that would be a nice feature.. > > > > -Nick Hayer > > > > > > > > > > > Mark > > > > > > > > > It is easy even your granny could do it > > > > > > By<mailto:[EMAIL PROTECTED]> INQUIRER staff: Thursday 08 > > > April 2004, 07:49 EXPERTS IN "computer security" have worked out a > > > simple way to knock out any email server. > > > > > > A team at NGS Software said that the trick involves sending forged > > > emails that contain thousands of incorrect addresses in the "copy > > > to" fields. > > > > > > When this package is sent, huge quantities of unwanted email will > > > be sent to another mail server. > > > > > > All it takes is finding a server configured to return an email > > > with attachments to each incorrect address. Next you have to forge > > > an email so it appears to come from the mail server that is to be > > > the target. > > > > > > When the forged email, complete with the thousands of incorrect > > > addresses is sent, an avalanche of "bounced" messages sent to the > > > target server causes it to crash. > > > > > > According to New Scientist, with one little 10K email, hackers > > > could then send 100MB back to a server. > > > > > > A third of the email servers of all Fortune 500 companies are, it > > > appears, open to this kind of attack. If the hacker used an > > > insecure email server the attack would be virtually untraceable. > > > Oh great. > > > > > > > > > --- > > > [This E-mail scanned for viruses courtesy of Netslyder, > > > Inc.(http://www.netslyder.net)] > > > > > > > > > To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html > > > List Archive: > > > http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ > > > Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ > > > > > > > > > > > To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html > > List Archive: > > http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ > > Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ > > > > > To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html > List Archive: > http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge > Base/FAQ: http://www.ipswitch.com/support/IMail/ > To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
