Re: More questins on SMTP spam attacks.

---

• From: PeterD <peter2@xxxxxxxxxx>
• Date: Thu, 17 Apr 2008 08:18:53 -0400

---

On Wed, 16 Apr 2008 00:11:02 -0400, "Sanford Whiteman"
<swhitemanlistens-software@xxxxxxxxxxxxxxxxxxxxx> wrote:

The spammer can't send emails, they don't get relayed, but the sender
is never notified that the attempt fails. There was logic behind that
(it allowed SMTP to mask a userid/password attack, since it never told
that the user's attempt failed!)

The *only* reason you should be accepting e-mail that you know you'll
never deliver -- especially, as in your case, if you do this by
running an apparently open relay for domains you don't even service --
is if you are running a honeypot and require a corpus of known spam to
build blacklists for your _real_ mailflow.

Mail admins usually learn the hard way that any tactics that increase
the use of your resources -- tarpitting, fake acceptance, etc. -- make
you the ultimate loser in the situation. The other side has all the
toys. If you have unlimited bandwidth and scaleability, maybe you can
get away with trying that spam-laboratory stuff.

But now we see the problem that the spammer connects with bad
credentials, and is able to drop his message to the SMPT server.

Yep, so turn off whatever you've done to allow that to happen.

--Sandy

Well, that's not a terribly useful suggestion since this is how IIS
SMTP is built by MSFT. I *WANT* to turn it off, and that is what I
asked, so saying 'Turn off whatever' doesn't help me.

As far as the "You've done to allow", what have I done to allow this?
.

---

• Follow-Ups:
  • Re: More questins on SMTP spam attacks.
    • From: Sanford Whiteman

• References:
  • More questins on SMTP spam attacks.
    • From: PeterD
  • Re: More questins on SMTP spam attacks.
    • From: Sanford Whiteman
  • Re: More questins on SMTP spam attacks.
    • From: PeterD
  • Re: More questins on SMTP spam attacks.
    • From: Sanford Whiteman

• Prev by Date: Re: More questins on SMTP spam attacks.
• Next by Date: Re: More questins on SMTP spam attacks.
• Previous by thread: Re: More questins on SMTP spam attacks.
• Next by thread: Re: More questins on SMTP spam attacks.
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: [opensuse] Thunderbird password nuisance. ... time the smtp session timed out in the server and fails. ... Easily fixed by correctly configuring your smtp settings in Account ... It knows you need it because the smtp server requires it, ... (SuSE) Re: More questins on SMTP spam attacks. ... is never notified that the attempt fails. ... (it allowed SMTP to mask a userid/password attack, ... (microsoft.public.inetserver.iis.smtp_nntp) Externally Emailing SharePoint Discussion List Fails? ... So that I could email the list externally I had to add another SMTP ... address to my lists contact properties. ... Create a new Exchange Server Global recipient policy so ... adds the emails to the discussion list, but externally it fails. ... (microsoft.public.exchange.admin) Re: Sendmail LDAP verification questions ... Queries against groups (with known SMTP addresses) fails with 'User ... Unknown' ... (comp.mail.sendmail) Re: [opensuse] Thunderbird password nuisance. ... I have a nuisance in Thunderbird. ... When I try to send an email via my provider smtp server, ... time the smtp session timed out in the server and fails. ... (SuSE)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > Internet-Server  > microsoft.public.inetserver.iis.smtp_nntp  > 2008-04