Hi, On Wednesday 15 January 2003 23:51, Scherer Pierre wrote: > For my study, I must check several attacks against mail server.
Have a look at mailing list archives for security problems like bugtraq, Suse Security, etc. Google for sendmail patches or try a book on system security. > First, I must write a document with possible attacks and theirs > solutions ( in theory ) and after, I must see if James is protecting > against them. The problem is that it's very difficult to find > documentations on MAIL (only mail) server attacks. Maybe you should categorize the attacks. a) Denial of service Recently a mail server detected a virus in a mail and sent out warnings to all recipients. These were local recipients and these warnings came through the same server sending it and had attatched a copy of the bad mail -- with the virus. This was detected as a virus mail again and again a warning was sent. The server broke down after half an hour. b) Getting access to system Exploits in handling bad formatted mails, huge mails, etc. (SMTP) c) Getting access to other people's mail Again via exploits (IMAP, POP3). Reading the mail RFCs should provide some ideas on details. Robert -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
