[ale] Being used in a DOS attack against others

David Bronson dbron at roman.net
Thu Aug 8 14:21:32 EDT 2002


Michael,

We drop mail to non-existent users, it isn't so helpful to the few
senders with legitimate bad addresses, but we don't have many problems
like you describe either.

David Bronson

On Thu, Aug 08, 2002 at 09:48:25AM -0400, Michael Hirsch wrote:
> Someone has been using our mail server to amplify a DOS attack against
> some other mail servers.  It works like this.  Then send a mail to
> randomuser at nubridges.com with a return address of attackedcompany.com. 
> Since random user does not exist we send a reply that the user does not
> exit to attackedcompany's mail server.  So we flood their mail server.
> 
> I've never seen this attack before, though it seems quite simiple.  Is
> this a well know DOS attack?  Has anyone else been experiencing this? 
> 
> It seems to have stopped this morning, but it was ongoing for the last
> two days.
> 
> --Michael
> 
> 
> ---
> This message has been sent through the ALE general discussion list.
> See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
> sent to listmaster at ale dot org.

---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.






More information about the Ale mailing list