lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
From: Richard.Gadsden at cobbetts.co.uk (Richard Gadsden)
Subject: Block notification / bounce mails (as in DDOS)

Security <mailto:koen4security@...mail.com> wrote on Thursday, 1 April 2004 3:06 p.m.:

> <question>
> What would you do when a spammer uses your mail-address as the
> "From:" and the mails that are sent by the spammer get all bounced
> back by legitimated mail-servers to your mailhandlers? All the
> bounces would return to you - as you are the 'from' (assume a rate of
> 1.000 a minute) and this traffic would kill your network-connection.
> You wouldn't be able to receive any mail because your mailserver can
> no longer handle the load </question>

If you can manage this, start breaking an RFC and throw out anything with
a MAIL FROM:<>

That should get rid of the bounces but not the annoyed replies from hostile users.
==================================================
Cobbetts makes its debut in the Sunday Times "100 Best Companies to Work For 2004"
With an overall ranking of 12th place, this is the first time the firm has entered the 100 Best Listings, 
which gauges employees' satisfaction.
For further details click here
http://www.cobbetts.co.uk/news63.html
==================================================
Confidentiality Notice: The information contained in this e-mail 
is for the intended recipient(s) alone. It may contain privileged 
and confidential information that is exempt from disclosure under 
English law and if you are not an intended recipient, you must not
copy, distribute or take any action in reliance on it. If you have
received this e-mail in error, please notify us immediately either
by using the reply facility on your e-mail system or by contacting
us at the address below. If this message is being transmitted 
over the Internet, be aware that it may be intercepted by third 
parties. 

Cobbetts offices are at:
Ship Canal House, King Street, Manchester, M2 4WB,
England. 
Telephone: +44 161 833 3333; Fax: +44 161 833 3030.

Trafalgar House, 29 Park Place, Leeds, LS1 2SP,
England.
Telephone: +44 113 246 8123; Fax +44 113 244 2863
www.cobbetts.co.uk

This firm is authorised by the FSA to conduct investment 
business.
=================================================

Powered by blists - more mailing lists