lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
From: aditya.deshmukh at online.gateway.technolabs.net (Aditya, ALD [Aditya Lalit Deshmukh]) Subject: Block notification / bounce mails (as in DDOS) point the mx to 127.0.0.1 or localhost for 3 days > -----Original Message----- > From: full-disclosure-admin@...ts.netsys.com > [mailto:full-disclosure-admin@...ts.netsys.com]On Behalf Of Koen > Sent: Thursday, April 01, 2004 8:29 PM > To: full-disclosure@...ts.netsys.com > Subject: Re: [Full-Disclosure] Block notification / bounce mails (as in > DDOS) > > > Niek Baakman wrote: > >> <question> > >> What would you do when a spammer uses your mail-address as the "From:" > >> and the mails that are sent by the spammer get all bounced back by > >> legitimated mail-servers to your mailhandlers? All the bounces would > >> return to you - as you are the 'from' (assume a rate of 1.000 a > >> minute) and this traffic would kill your network-connection. You > >> wouldn't be able to receive any mail because your mailserver can no > >> longer handle the load > >> </question> > > > > - Apply filters on your mailserver. > These filters will not react because my mailserver 'is' already dead. > > - If it doesn't harm other employees: temp. change the mx record. > How would changing my mx-records affect the outcome? > When the first mailhandler can't handle the load, mail will be > picked up by > the 'backup-mailserver'..but this would in effect only cascade to > the other > (backup)mailservers and as a result they would eventually also > dye. I think > this is only a solution if I can add serveral (and I mean lots of) > backupmailservers so that the load is spread. I think this is not > really an > option. > > Thanks for the reponse. > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html >
Powered by blists - more mailing lists