Re: IDS: question about "stealth spam"

CyberPsychotic (mlistsgizmo.kyrnet.kg)
Wed, 25 Aug 1999 21:20:11 +0600 (KGST)

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Next message: Brotschi, Brian: "IDS: RE: RE: Honey pots / decoy servers"
• Previous message: Lisbon: "IDS: RE: Honey pots / decoy servers"

FAQ: See http://www.ticm.com/kb/faq/idsfaq.html
IDS: See http://www-rnks.informatik.tu-cottbus.de/~sobirey/ids.html
HELP: Having problems... email questions to ids-owneruow.edu.au
NOTE: Remove this section from reply msgs otherwise the msg will bounce.
SPAM: DO NOT send unsolicted mail to this list.
USUBSCRIBE: email "unsubscribe ids" to majordomouow.edu.au
---------------------------------------------------------------------------

---
~ Recently my network has been the victim of a massive stealth spam
~ attack, and Its causing me and my company major major problems.
~
stealth spam?:) looks like you're running vulneriable smtp daemons. Get a
recent sendmail, which would guarantee you to know the previous hop of
relayed email. (hence the address to block).
~ I already have anti-relay software in
~ place, but its not stopping these attacks.
% X-Priority: 3
% X-MSMail-Priority: Normal
% X-Mailer: Microsoft Outlook Express 5.00.2314.1300
% X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300
these words and your message headers makes me feel you are in sore
condition, friend. :-) why not install Unix-based firewalling machine (or
at least mail-relay machine with the only public smtp service open wide?)
configuring sendmail to reject unwanted relays isn't very tricky and works
nicely to me. (I could help you with this, if you get stuck, just drop a
line offlist).

• Next message: Brotschi, Brian: "IDS: RE: RE: Honey pots / decoy servers"
• Previous message: Lisbon: "IDS: RE: Honey pots / decoy servers"

This archive was generated by hypermail 2.0b3 on Wed Aug 25 1999 - 21:28:48 CDT