[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Defend Mail Bomb
At 11:25 PM 7/14/96 +0800, you wrote:
>Is it possible to defend mail bomb? If not, detect who they are?
Mail bombs are hard to defend against. If your company or ISP
has a firewall or mail server that handles their incoming email,
it can potentially be configured to block mail from known harassers,
but it's much harder to do if automatically - ten megabytes of binary
data might be mailbombs, or might be the CAD/CAM file that your
engineering department wanted.
If the mailbombs are all coming from one place, over a period of time,
you can often look at the headers and track down where they came from,
and contact the administrators of the machines the mail came from
to ask them to stop the problem. But if the attacker is good,
this requires looking at large numbers of log-files, and many administrators
aren't willing to do this except for serious on-going problems.
If the mailbombs are coming from anonymous remailers, most remailer
operators are happy to put you on their block list, to block further
anonymous mailbombs.
# Thanks; Bill
# Bill Stewart +1-415-442-2215 [email protected]
# http://www.idiom.com/~wcs
# Confuse Authority!