May 14th, 2004, 05:25 PM
question on email security
heres a question that i have been pondering for a while.
let say someone created a virus that was spisificly made to attack a mail server... lets also say that it has a list of addresses from that server programed into it...
would that virus be able to send it self so many times to all of the recipitants so that it makes the server run out of space????
i have never worked with a mail server from the concel side..
are there ways to stop this from happening????
May 14th, 2004, 05:39 PM
If I'm not mistaking you can set a limit on how big a mailbox from someone can get ...say like 50MB for example.
Then when the users mailbox gets full the sender gets a reply with that error ( something like : cannot deliver mail reason: mailbox full).
But then again ..if your disks on the mailserver are not up to all the mailboxes being 50 MB then it is possible that the disks get full (obviously).
I don't know if the mails that are in the Queue also count as space being used ... I think it is ...so you gotta consider that as well (anyone correct me if I'm mistaking).
So in theorie I think it's possible.
If you for instance don't keep your anti-virus up to date that is .
Back when I was a boy, we carved our own IC's out of wood.
May 14th, 2004, 06:05 PM
Regardless of mailbox size and some other general practices; the problems with virus writers and hackers is: they don't play by the rules. It is always a good idea to limit mailbox sizes so that users can't overload the mail server via their pack rat mail habits, Me included.
However; mail servers can crash in other various ways such as when NDRs fill the drive. What's an NDR? Non-deliverable crap basically, and I have seen methods of using NDR to attack mail servers, whether deliberate or just coincidence? NDRs for Exchange are dumped into a bad mail folder under the mail root and virtual machine name, bad mail folder. It's a good idea to check this often or write some script to empty this folder once a day because there are attacks that will fill that puppy up in a few days, and since the default is the windows root drive, the OS and thus Exchange CRASH. In fact it crashes hard because we all know what happens when the OS drive fills to capacity and it won't stop until it's completely full, down to the last few KBs.
I am no Exchange guru, but in this case I do not know of a method built into Exchange 2k or lower that validates what is in the bad mail folder and deletes it. I just delete the hell out of it because default mail queues will try and deliver mail for 2 days before dumping it there. So itís gone when I get a hold of it.
This is one way to bring a mail server to its knees. Are you experiencing issues with your server?
West of House
You are standing in an open field west of a white house, with a boarded front door.
There is a small mailbox here.
May 14th, 2004, 06:26 PM
no problem, i don't run a mail server... i was just curious....
Are you experiencing issues with your server?