Hello All... Recently a SPAMer started sending eMails to the server using a dictionary for eMail addresses like [EMAIL PROTECTED], [EMAIL PROTECTED], etc. Then the eMail Servers trys to send an eMail message back to the sender indicating the eMail was NOT delivered because of a bad eMail address.
So I've set NoSenderBounce to 1. By changing this setting will this stop this behavior? Next, I still need SenderBounce enabled for certain eMail accounts. I was wondering why we don't push down a lot of these configuration options to the domain level like SmarterMail does? If a lot of folks using xMail are ISP / ASP then this would make sense to have management control at the domain level. I don't know if you guys have seen this but the SPAMers are now using your eMail Server, if eMail bounce back Messages are on, to effectively SYN Flood someone. The way this works is they get hold of some domain then point that domain's A to an IP that does NOT have an eMail Server associated with it. Typically, these domains don't have MX records. Then, they send a slow drip of eMails to the same domain, the effect is the eMail Server tries to deliver the bounce back to the sender over and over again. Each time the bounce back is attempted an TCP connection is attempted and of course a SYN is generated first. Now, imagine, that you have several 100 eMails in the message queue, all the time, all trying to connect to that same IP at various intervals based upon the time they were received. And now you get a SYN Flood. How do we solve this? Can you simply ONLY send eMails to domains that have MX records? I know this Probally violates and RFC, however, we else can we do until someone decides to fix the larger SPAM issue. Thanks, Hal Dell Managing Partner Willow Grove, PA - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
