> > Does anyone know if ipSwitch will put in a DOS defense regarding the > > Code Red virus and its variants? I wouldn't think this is hard to do. > > It might not be hard to do, but I don't think it would help much either. > > CodeRed is only dangerous to IIS. IMail doesn't use IIS, so to it a CodeRed > attempt looks like junk and IMail more or less ignores it. A CodeRed > specific defense in IMail couldn't do much better - it would still receive > the junk before it could do anything with it. > > If you want DoS protection against CodeRed et al, you need to have filters > in place as far upstream from your servers as you can get it - at your ISP > or backbone connection is best. By the time the attempt gets routed to you > and reaches your network, it's too late for DoS protection.
I don't know if Denial of Service is the right term. We get hit by Code Red about 3-4 times per day, certainly not a lot. But over the course of 3 days this activity causes iMail to freeze the Winsock as best as I can tell. So if iMail HTTP deamon would just ignore that type of request it would help for sure. I am looking into changes to firewall and using BlackIce on server, but this won't be a simple change on my side. Please visit http://www.ipswitch.com/support/mailing-lists.html to be removed from this list. An Archive of this list is available at: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Please visit the Knowledge Base for answers to frequently asked questions: http://www.ipswitch.com/support/IMail/
