Security Basics mailing list archives

SMTP DDoS

From: "Kip Sr." <kipsr1 () yahoo com>
Date: Sat, 9 Aug 2003 18:50:39 -0700 (PDT)

Hi everyone,

For the past 10 days, our mail exchange server has
been getting flooded with emails. It appears that an
attacker is sending out tons of spam through various
open relays and using our address
(sales () mycompany com) in the return path. so
essentially, all bounced emails are coming back to our
mail server - we're seeing about 30,000 NDRs per day.
I am using filters to delete the incoming email, but
does anyone else have any other ideas on how to get
this stopped? Since the NDRs are coming from
legitimate sources, checking for open relays wont do
me any good. 

Help!!!

Kip.









__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com

---------------------------------------------------------------------------
----------------------------------------------------------------------------

Current thread:

SMTP DDoS Kip Sr. (Aug 11)
- Re: SMTP DDoS Karma (Aug 12)
- Re: SMTP DDoS stephane nasdrovisky (Aug 13)
- Re: SMTP DDoS chort (Aug 14)
- <Possible follow-ups>
- Re: SMTP DDoS Tomas Wolf (Aug 11)