Re: [Declude.JunkMail] A Question of Ethics
All, As I read your replies, 1984 plays on Showtime (I kid you not!). The main character just read a printed letter (prehistoric email) and promptly burned it in his desk side incinerator. Thank you for your thoughtful, candid, and emphatic responses. If I may wax philosophic (and Socratic), what we are dealing with is human nature and our new found ability to do things we may have wanted to do but lacked the technology. What makes 'stolen' web time or email time (or instant messenger time) different from time spent smoking by the back door or chatting is that our technology allows us to track, store, and most importantly, tally it up. As trackers, storers, and talliers, we facilitate this. Ethics asks but one question: should we? To this question, you have surprising and valuable answers. The judgment of a tool cannot be separated from its uses, so what are its uses. Employers own the computers, the software, the network backbone, the bandwidth, and the employees time; given up in exchange for the employers money. The employer then, owns the 'right' to do that which and have done with what they wish. But there is a line. Imagine a classroom full of kids whispering to one another. Now imagine that instead, they are passing notes. Now imagine they all have laptops that communicate through school owned networks (say 802.11). Kids have always been passing notes and teachers have always been catching them, some of them, once in a while. The difference with laptops and software, however, is that the school monitors ALL messages and catches ALL inappropriate notes, down to the smallest whisper. What makes 1984 so rediculous is not that so much snooping would happen, its that so many jobs/people/energy would be devoted to the task. With technology, that limitation melts away. In my particular example, the employer very likely knew what was going on (like the 'bad' kid in class). He was probably a gross time waster deserved to be fired. My concern isn't with him, its with everyone still there. Suppose that every other employee finds out that the fired employee was in part (even the smallest part) caught because of email he expected to receive that instead went to management. What does it do to their psyche's? My greatest fear is my intelligence being used to hurt others. I push my Declude configuration to the edge of perfection and beyond so I can beat the spammers and while this is no Trinity (1st atom bomb project), I want to be aware of its potential uses and misuses. As for To many companies ethics is spelled ethic$. Hopefully we as a group are not among them. I consider Declude admins to be as Declude, a cut above. Dan On Wednesday, February 26, 2003 16:20, Dan Patnode [EMAIL PROTECTED] wrote: I realize this is two questions in one day, but its a slow list day, so: Rather than deleting spam, I forward it tagged or to a shared mailbox, clients choice. I just found out that within a week of starting my my anti spam service (delivery choice 2), a company fired an employee for receiving tons of porn via email. They also have web monitoring in place so this was the last piece to their puzzle, but... How does everyone feel about our role playing Big Brother against employees? Dan --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
[Declude.JunkMail] Spam floods
I have one domain on my server who for a while, had a nobody alias in place, so it would accept any email sent to it, regardless of the address. Somehow it has gotten on public spam lists - someone generated a ton of bogus addresses @domain.com (not the real domain, obviously) and it's obviously being sent around or sold as part of a spam email list. As a result, he was getting almost 10,000 spams a day, most of which were being caught by Declude. However, several times a day we would have idiot spammers who were connecting and attempting to send 20-30 messages a second, which was totally crippling my server. I had him remove the nobody alias, so at least there's no longer the load on the server of Declude trying to spam check and virus check every piece of spam these idiots were sending. However, at least once a day I still have some idiot spammer connecting and crippling my server for half an hour or so, attempting to send 20-30 messages a second. The IP addresses are always spoofed, so I can't block it that way. They tie up all available inbound SMTP connections, so the SMTP server appears dead to my REAL clients, and any valid mail they should be receiving doesn't get through. As well, it puts both CPUs in the server up to 100% rejecting the mail, slowing the server down for everyone else. SMTP logs are filled with thousands of entries like this: 20030227 091017 127.0.0.1 SMTPD (003A0640) [217.82.173.37] RCPT TO: [EMAIL PROTECTED] 20030227 091017 127.0.0.1 SMTPD (003A0640) [217.82.173.37] ERR domain.com invalid user [EMAIL PROTECTED] 20030227 091017 127.0.0.1 SMTPD (000D0584) [217.82.59.117] RCPT TO: [EMAIL PROTECTED] 20030227 091017 127.0.0.1 SMTPD (000D0584) [217.82.59.117] ERR domain.com invalid user [EMAIL PROTECTED] 20030227 091017 127.0.0.1 SMTPD (00280604) [217.82.59.117] RCPT TO: [EMAIL PROTECTED] 20030227 091017 127.0.0.1 SMTPD (00280604) [217.82.59.117] ERR domain.com invalid user [EMAIL PROTECTED] 20030227 091017 127.0.0.1 SMTPD (002D055A) [217.82.173.37] RCPT TO: [EMAIL PROTECTED] 20030227 091017 127.0.0.1 SMTPD (002D055A) [217.82.173.37] ERR domain.com invalid user [EMAIL PROTECTED] 20030227 091017 127.0.0.1 SMTPD (01650418) [217.81.250.86] RCPT TO: [EMAIL PROTECTED] 20030227 091017 127.0.0.1 SMTPD (01650418) [217.81.250.86] ERR domain.com invalid user [EMAIL PROTECTED] Any ideas what I can do about this? Is there anything I can do? ___ Scott MacLean [EMAIL PROTECTED] ICQ: 9184011 http://www.nerosoft.com --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
RE: Re[2]: DSN:Re: Re[2]: [Declude.JunkMail] A Question of Ethics
I'll trust you on that, and apologize for the roundhouse classification. Yet in your several dozen cases where divorces were contemplated, employee terminations took place, even people who were sent back to prison and kids who have been grounded examples, clearly your tool was used as spyware. And these are the cases which you brought under discussion. This is only in reference to a business environment. I suppose you can say that any monitoring tool or piece of software could be spyware. I know in several instances where employee's were let go or suspended due to inappropriate activity were based solely on the analysis of firewall logs that record all internet activity. In our Computer Security Policy we do not specifically say that the firewall is logging everyone's internet surfing activities. However in the computer security document it is spelled out that they are using company equipment and the company reserves the right to monitor any and all activity. Would you say in this instance that the tools (firewall logging) used would be classified as spyware? Darrell --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] Spam floods
I had him remove the nobody alias, so at least there's no longer the load on the server of Declude trying to spam check and virus check every piece of spam these idiots were sending. However, at least once a day I still have some idiot spammer connecting and crippling my server for half an hour or so, attempting to send 20-30 messages a second. The IP addresses are always spoofed, so I can't block it that way. Actually, they are not spoofed (it's nearly impossible to send spam with spoofed IPs). You're not dealing with a standard run-of-the-mill idiot spammer; you're dealing with a professional spammer-for-hire (who is also an idiot). Those IPs are real -- they are the IPs of servers that he has compromised. That's how he can send 20-30 messages a second. 20030227 091017 127.0.0.1 SMTPD (003A0640) [217.82.173.37] RCPT TO: [EMAIL PROTECTED] 20030227 091017 127.0.0.1 SMTPD (000D0584) [217.82.59.117] RCPT TO: [EMAIL PROTECTED] 20030227 091017 127.0.0.1 SMTPD (01650418) [217.81.250.86] RCPT TO: [EMAIL PROTECTED] Any ideas what I can do about this? Is there anything I can do? There aren't many options in a case like this -- it is a classic DDoS attack. One is to block all the IPs using the IMail Control Access file. On the IMail Forum, some people have suggested using BlackIce Server, which can apparently block such attacks. -Scott --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
RE: [Declude.JunkMail] A Question of Ethics
The recurring theme I'm seeing in this thread is a concern of being implicated in the misuse of the Declude (or similar) tools to punish someone wrongly. That's a valid concern. What's being left unsaid is a concern of previously established tools (such as high speed internet access and Email) being misused and causing personal harm. The focus is on how the new tool is being used, not how the old tool has been corrupted. I see being part of an anti-pornography effort at work being very similar to removing liquor from your house if you have a guest who's a recovering alcoholic. If you approach your task from the vantage of helping someone AVOID a problem, you are taking the right action. I believe the fact that some employers may misuse information to mistreat employees is countered by the fact that some employees abuse the trust employers place in them. Your goal should be to be discerning on who you choose to associate with so that you are not worrying about whether a tool created for good is turned to evil. Hope this helps, -Bill Naber -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Dan Patnode Sent: Wednesday, February 26, 2003 7:20 PM To: [EMAIL PROTECTED] Subject: [Declude.JunkMail] A Question of Ethics I realize this is two questions in one day, but its a slow list day, so: Rather than deleting spam, I forward it tagged or to a shared mailbox, clients choice. I just found out that within a week of starting my my anti spam service (delivery choice 2), a company fired an employee for receiving tons of porn via email. They also have web monitoring in place so this was the last piece to their puzzle, but... How does everyone feel about our role playing Big Brother against employees? Dan --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
RE: Re[2]: DSN:Re: Re[2]: [Declude.JunkMail] A Question of Ethics
On 02/27/03 9:32am you wrote... I'll trust you on that, and apologize for the roundhouse classification. Yet in your several dozen cases where divorces were contemplated, employee terminations took place, even people who were sent back to prison and kids who have been grounded examples, clearly your tool was used as spyware. And these are the cases which you brought under discussion. This is only in reference to a business environment. Would you say in this instance that the tools (firewall logging) used would be classified as spyware? I would imagine that any product that logs any activity could be considered spyware in certain circumstances. This includes IMail, Declude, Exchange, MS Proxy, anything that logs activity. There is a huge difference between products that log activity and spyware. For example, there is a product that takes low res screen shots of the computer and allows the parent, employer, or other supervisorial person to playback everything that was done. Several of CYBERsitter's competitors have built in keyboard logging that keeps a record of everything typed. Although I am sure this has cost us sales and review points, we have consistently refused to incorporate similar functions into CYBERsitter. We have been asked thousands of times to provide functions to capture email messages, and capture instant messaging content. Certainly this is possible, but we won't do that either although there are other products have this capability. In my opinion, these are spyware products. Our primary purpose in keeping logs is for support purposes. The user's purpose is probably different, but here again, this is a common function of all tools that manage or distribute content. We also track users who come to our web sites. We know what pages they visit, their browser versions, IP addresses, locale, referrers, and operating systems. We, like tens of thousands of other online retailers, use this information for improving traffic flow, determining user interest, and fine tuning our marketing. So are we spying on our customers? I can use the logs generated by IMail to spy on people as easily as any spyware product. I can see who sent what to who, where and when. Does this make it spyware? I don't think so. You can hold any message that meets certain criteria with Declude and the administrator can read the entire message. It doesn't have to be spam. Does this make Declude spyware too? I think that an overly broad interpretation of what is spyware is foolish, no matter how the data is used. Virtually every Internet related application is designed to manage or regulate the distribution or reception of data in some way. Tools that log activity are absolutely necessary. Tools that are intentionally designed to invade a users privacy are quite another thing entirely. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
RE: Re[2]: DSN:Re: Re[2]: [Declude.JunkMail] A Question of Ethics
The term spyware refers to software whose sole purpose is to surreptitiously gather and transmit information about a user. A firewall log is a neutral record of general internet activity. Any reasonably informed adult who uses the internet should understand their actions may be logged, in the same way they understand a policeman might be watching them when they drive their car down a road. Certain parts of our daily activities are observed; that's a facet of urban life. What matters is whether the prior intent of the observation is hostile. Keith Purtell, Web/Network Administrator VantageMed Operations (Kansas City) Email: [EMAIL PROTECTED] CONFIDENTIALITY NOTICE: This email message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Darrell L. Sent: Thursday, February 27, 2003 8:33 AM To: [EMAIL PROTECTED] Subject: RE: Re[2]: DSN:Re: Re[2]: [Declude.JunkMail] A Question of Ethics I suppose you can say that any monitoring tool or piece of software could be spyware. I know in several instances where employee's were let go or suspended due to inappropriate activity were based solely on the analysis of firewall logs that record all internet activity. In our Computer Security Policy we do not specifically say that the firewall is logging everyone's internet surfing activities. However in the computer security document it is spelled out that they are using company equipment and the company reserves the right to monitor any and all activity. Would you say in this instance that the tools (firewall logging) used would be classified as spyware? Darrell --- [This E-mail scanned for viruses by Declude Virus] --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
RE: Re[2]: DSN:Re: Re[2]: [Declude.JunkMail] A Question of Ethics
In a corporate setting a company may or may not have an Internet/email/conduct policy. If not, it may be very dificult to fire someone for conduct that they didn't agree to abide by and if it came to a lawsuit they would probably loose. In fact the company could loose twice. Once by someone who was offended by a fellow employees use of porn at the workplace and second by a wrongful termination suit by the offender. Many companies just added the Internet and email to the system without considering the concequences. Time to examine the company policies. David -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Keith Purtell Sent: Thursday, February 27, 2003 9:34 AM To: [EMAIL PROTECTED] Subject: RE: Re[2]: DSN:Re: Re[2]: [Declude.JunkMail] A Question of Ethics The term spyware refers to software whose sole purpose is to surreptitiously gather and transmit information about a user. A firewall log is a neutral record of general internet activity. Any reasonably informed adult who uses the internet should understand their actions may be logged, in the same way they understand a policeman might be watching them when they drive their car down a road. Certain parts of our daily activities are observed; that's a facet of urban life. What matters is whether the prior intent of the observation is hostile. Keith Purtell, Web/Network Administrator VantageMed Operations (Kansas City) Email: [EMAIL PROTECTED] CONFIDENTIALITY NOTICE: This email message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Darrell L. Sent: Thursday, February 27, 2003 8:33 AM To: [EMAIL PROTECTED] Subject: RE: Re[2]: DSN:Re: Re[2]: [Declude.JunkMail] A Question of Ethics I suppose you can say that any monitoring tool or piece of software could be spyware. I know in several instances where employee's were let go or suspended due to inappropriate activity were based solely on the analysis of firewall logs that record all internet activity. In our Computer Security Policy we do not specifically say that the firewall is logging everyone's internet surfing activities. However in the computer security document it is spelled out that they are using company equipment and the company reserves the right to monitor any and all activity. Would you say in this instance that the tools (firewall logging) used would be classified as spyware? Darrell --- [This E-mail scanned for viruses by Declude Virus] --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
RE: Re[2]: DSN:Re: Re[2]: [Declude.JunkMail] A Question of Ethics
My feelings are along this same line. It seems that this questions revolves around what the stated company policy is regarding usage of these company resources. As stated in several emails before, email and internet usage and the computers they are used are are company owned assets and should be managed as such. To me they are no different than any other company owned asset; vehicles, equipment, tools, facilites, telephones etc. There is a perceived idea that these tools are free. The allowed usage and subsequent penalty for misuse should be covered by an enforceable company policy. If an adequate policy is in place, would it be any different to fire an employee for misuse of a company vehicle (personal deliveries and errands on company time for example) than for downloading porn? I think it is time to examine what the stated policy is on this usage. Does anyone have a company policy for email/internet use that they would be willing to share? I believe ours needs some updating. Dan Spangenberg -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of David Stavert Sent: Thursday, February 27, 2003 10:50 AM To: [EMAIL PROTECTED] Subject: RE: Re[2]: DSN:Re: Re[2]: [Declude.JunkMail] A Question of Ethics In a corporate setting a company may or may not have an Internet/email/conduct policy. If not, it may be very dificult to fire someone for conduct that they didn't agree to abide by and if it came to a lawsuit they would probably loose. In fact the company could loose twice. Once by someone who was offended by a fellow employees use of porn at the workplace and second by a wrongful termination suit by the offender. Many companies just added the Internet and email to the system without considering the concequences. Time to examine the company policies. David -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Keith Purtell Sent: Thursday, February 27, 2003 9:34 AM To: [EMAIL PROTECTED] Subject: RE: Re[2]: DSN:Re: Re[2]: [Declude.JunkMail] A Question of Ethics The term spyware refers to software whose sole purpose is to surreptitiously gather and transmit information about a user. A firewall log is a neutral record of general internet activity. Any reasonably informed adult who uses the internet should understand their actions may be logged, in the same way they understand a policeman might be watching them when they drive their car down a road. Certain parts of our daily activities are observed; that's a facet of urban life. What matters is whether the prior intent of the observation is hostile. Keith Purtell, Web/Network Administrator VantageMed Operations (Kansas City) Email: [EMAIL PROTECTED] CONFIDENTIALITY NOTICE: This email message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Darrell L. Sent: Thursday, February 27, 2003 8:33 AM To: [EMAIL PROTECTED] Subject: RE: Re[2]: DSN:Re: Re[2]: [Declude.JunkMail] A Question of Ethics I suppose you can say that any monitoring tool or piece of software could be spyware. I know in several instances where employee's were let go or suspended due to inappropriate activity were based solely on the analysis of firewall logs that record all internet activity. In our Computer Security Policy we do not specifically say that the firewall is logging everyone's internet surfing activities. However in the computer security document it is spelled out that they are using company equipment and the company reserves the right to monitor any and all activity. Would you say in this instance that the tools (firewall logging) used would be classified as spyware? Darrell --- [This E-mail scanned for viruses by Declude Virus] --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail
Re: [Declude.JunkMail] A Question of Ethics
Below is an overview of what I believe is most relevant to me (in reverse chronological order), thank you for helping me clarify a troubling situation!: I believe the fact that some employers may misuse information to mistreat employees is countered by the fact that some employees abuse the trust employers place in them. Your goal should be to be discerning who you choose to associate with so that you are not worrying about whether a tool created for good is turned to evil. -Bill Virtually every Internet related application is designed to manage or regulate the distribution or reception of data in some way. Tools that log activity are absolutely necessary. Tools that are intentionally designed to invade a users privacy are quite another thing entirely. -Brian A firewall log is a neutral record of general Internet activity. Any reasonably informed adult who uses the Internet should understand their actions may be logged, in the same way they understand a policeman might be watching them when they drive their car down a road. Certain parts of our daily activities are observed; that's a facet of urban life. What matters is whether the prior intent of the observation is hostile. -Keith In fact the company [without an Internet use policy] could loose twice. Once by someone who was offended by a fellow employees use of porn at the workplace and second by a wrongful termination suit by the offender. Many companies just added the Internet and email to the system without considering the consequences. Time to examine the company policies. -David any action or change on our part to manipulate the information presented to the client would be unethical in itself. -John If, however, you feel that, acting as a spam expert, you did not adequately represent the extremely high likelihood that pornographic e-mail is unsolicited, or, even worse, gave the reverse impression (i.e., that your filtering service--impossibly!--only allows through porn that was desired by the end user, deleting everything else on arrival), you should try to remedy this misunderstanding immediately. -Sandy --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] Spam floods
I wonder; would a firewall's session limits DDoS feature protect against something like this? Anybody? Just a thought. Dave Scott MacLean wrote: I have one domain on my server who for a while, had a nobody alias in place, so it would accept any email sent to it, regardless of the address. Somehow it has gotten on public spam lists - someone generated a ton of bogus addresses @domain.com (not the real domain, obviously) and it's obviously being sent around or sold as part of a spam email list. As a result, he was getting almost 10,000 spams a day, most of which were being caught by Declude. However, several times a day we would have idiot spammers who were connecting and attempting to send 20-30 messages a second, which was totally crippling my server. I had him remove the nobody alias, so at least there's no longer the load on the server of Declude trying to spam check and virus check every piece of spam these idiots were sending. However, at least once a day I still have some idiot spammer connecting and crippling my server for half an hour or so, attempting to send 20-30 messages a second. The IP addresses are always spoofed, so I can't block it that way. They tie up all available inbound SMTP connections, so the SMTP server appears dead to my REAL clients, and any valid mail they should be receiving doesn't get through. As well, it puts both CPUs in the server up to 100% rejecting the mail, slowing the server down for everyone else. SMTP logs are filled with thousands of entries like this: 20030227 091017 127.0.0.1 SMTPD (003A0640) [217.82.173.37] RCPT TO: [EMAIL PROTECTED] 20030227 091017 127.0.0.1 SMTPD (003A0640) [217.82.173.37] ERR domain.com invalid user [EMAIL PROTECTED] 20030227 091017 127.0.0.1 SMTPD (000D0584) [217.82.59.117] RCPT TO: [EMAIL PROTECTED] 20030227 091017 127.0.0.1 SMTPD (000D0584) [217.82.59.117] ERR domain.com invalid user [EMAIL PROTECTED] 20030227 091017 127.0.0.1 SMTPD (00280604) [217.82.59.117] RCPT TO: [EMAIL PROTECTED] 20030227 091017 127.0.0.1 SMTPD (00280604) [217.82.59.117] ERR domain.com invalid user [EMAIL PROTECTED] 20030227 091017 127.0.0.1 SMTPD (002D055A) [217.82.173.37] RCPT TO: [EMAIL PROTECTED] 20030227 091017 127.0.0.1 SMTPD (002D055A) [217.82.173.37] ERR domain.com invalid user [EMAIL PROTECTED] 20030227 091017 127.0.0.1 SMTPD (01650418) [217.81.250.86] RCPT TO: [EMAIL PROTECTED] 20030227 091017 127.0.0.1 SMTPD (01650418) [217.81.250.86] ERR domain.com invalid user [EMAIL PROTECTED] Any ideas what I can do about this? Is there anything I can do? ___ Scott MacLean [EMAIL PROTECTED] ICQ: 9184011 http://www.nerosoft.com --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com. -- David M. Delbridge President CEO Circa 3000 ColdFusion Hosting http://www.circa3k.com 775-832-2445 --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.JunkMail. The archives can be found at http://www.mail-archive.com.