Hello,
I have a lite gateway client that uses a database of IPs locations to
screen out any countries before they get to iMail. Really cut down on
the CPU load and still works well with Message Sniffer.
http://sssolutions.net/ew/
The process might be used to screen any activity from Nigeria since
the IP address is a factor in both sending and receiving.
On Jan 5, 2009, at 6:24 AM, David E. Smith wrote:
Lately, I've had a rash of attackers from Nigeria, who have acquired
(through whatever means) legitimate logins and passwords for my
Imail users. They log in, send out a couple thousand emails, and log
out. There are no failed logins, so even an over-zealous account
lockout policy wouldn't work in this instance.
They only send to five or ten recipients at a time, so they avoid
most of the rate-limiting features. But through the magic of cut-and-
paste, they're able to get a few thousand messages an hour sent out.
All the attackers come from IP space listed on ng.blackholes.us, and
I'm willing to annoy any legitimate users of mine that might be
vacationing in Lagos.
Anyone know of a way to apply DNS blacklists to a Web site in IIS,
comparable to mod_dnsbl for Apache?
David Smith
MVN.net
To Unsubscribe: http://imailserver.com/support/discussion_list/
List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ: http://imailserver.com/support/kb.html
Regards,
Steve Guluk
SGDesign
(949) 661-9333
