These are just very annoying mail bombs. The embedded outside addresses are
not getting out, shut down by the fact that we relay only for our addresses.
I noticed another thing, to enter an address in the control access list, I
have to enter it twice. Does this generate a text based file we can add to
easier, then just restart smtp?
It's been real active lately with mail bombs and spam attempts. I've
blocked the IP's of the major offenders, but they are much more persistant
then in the past.
[EMAIL PROTECTED]
----- Original Message -----
From: "## Dusty Carden" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, March 13, 2000 10:55 PM
Subject: Re: [IMail Forum] Getting Spammed to death...
> Are they successfully relaying through your server? Or just
> mass bombing your users? Have you LARTed AOL and UUNet?
> I block off plenty of UUNet dial up blocks and AOL dial up blocks.
> MSN uses UUNet dialups too.
>
> Dusty
>
> At 11:24 PM 3/13/00, you wrote:
> >Lately we've been getting hit with mail bomb after mailbomb. They come
in
> >in small bundles, so limiting incoming message size wouldn't fix the
problem
> >This morning my normally 5 to 6 meg sys log is now 59megabytes.
> >
> >We relay for only our internal addresses and those serving our dial up
> >equipment.
> >
> >We have the following settings selected in SMTP Security
> >
> >Check Valid Sender
> >Auto-Deny Possible Hack Attempts
> >Disable SMTP VRFY Command
> >
> >Any other thoughts? I've blocked the offending IP addresses and they
still
> >connect, our next step will be blocking them at the router.
Unfortunately
> >we can't block UUNet and AOL where the majority of this garbage is being
> >relayed through.
>
> Please visit http://www.ipswitch.com/support/mailing-lists.html
> to be removed from this list.
>
Please visit http://www.ipswitch.com/support/mailing-lists.html
to be removed from this list.
