Good point since they would perceive that as a threat to their own mail
system, trying to send all of that.
Kevin Childers
----- Original Message -----
From: "Mike Lewinski" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, December 01, 2000 2:19 PM
Subject: Re: [IMail Forum] server attack
> > >How would I do the 'nobody' alias ?
> >
> > create nobody alias for the attacked domain with a rule to dump in NUL
> >
> > Now the attacker will think he has 1000's of "verified" accounts on
> > your server and will then be sending these unknown accounts a lot
> > more mail for you to eat to NUL, or maybe add them to his $39.95
> > cdrom with 60,000,000 verified email addresses. Then all the
> > spammers in the world will come a visitin'.
>
> The only downside of this approach is that mis-addressed mail doesn't
> get bounced...
>
> For that reason I keep an eye on what comes in, by routing it to a
> sub-mailbox instead of NUL.
>
> Also, when a chickenboner decides that they've found thousands of
> accounts on my system, I can then file a mailbomb report with the
> upstream ISP's security contacts that is more likely to get action,
> instead of a spam report.
>
> Mike
>
> Please visit http://www.ipswitch.com/support/mailing-lists.html
> to be removed from this list.
>
> An Archive of this list is available at:
> http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
>
Please visit http://www.ipswitch.com/support/mailing-lists.html
to be removed from this list.
An Archive of this list is available at:
http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
