38 SMTP Server Hijacking (Unauthorized Relaying) (Common Attacks - Firewalls)
Description
This article is from the Firewalls FAQ, by Matt Curtin cmcurtin@interhack.net and Marcus J. Ranum mjr@nfr.com with numerous contributions by others.
38 SMTP Server Hijacking (Unauthorized Relaying) (Common Attacks - Firewalls)
Each site is a little different from every other in terms of what attacks
are likely to be used against it. Some recurring themes do arise, though.
This is where a spammer will take many thousands of copies of a message and
send it to a huge list of email addresses. Because these lists are often so
bad, and in order to increase the speed of operation for the spammer, many
have resorted to simply sending all of their mail to an SMTP server that
will take care of actually delivering the mail.
Of course, all of the bounces, spam complaints, hate mail, and bad PR come
for the site that was used as a relay. There is a very real cost associated
with this, mostly in paying people to clean up the mess afterward.
The Mail Abuse Prevention System <URL:http://maps.vix.com/> Transport
Security Initiative <URL:http://maps.vix.com/tsi/> maintains a
complete description of the problem, and how to configure about every
mailer on the planet to protect against this attack.
Continue to:
My Books
