|
intech2 -> Preventing Reverse NDR attacks Exchange 2000 (30.Sep.2006 7:23:30 AM)
|
In a perfect world, I would upgrade to Exchange 2003...but I currently do not
have the funds to do so...
I have become the latest victim in what appears to be a successful Reverse
NDR attack. I started to receive multiple NDR reports throughout the day
which seem to have come addressed from postmaster@mydomain.com...The email
was sent To & From unknown_user@mydomain.com.which of course fills my
badmail folder etc...etc. In my virtual SMTP server queue, i noticed a
'remote deliver' entry going to hanmail.net...
For the time being, I have cleared my virtual SMTP queue and explicitly set
NOT to generate NDR reports through my Global Settings...This is meant to
only be a temporary fix.
MY QUESTION:
Since I cannot set a recipient filter policy in Exchange 2000, and Exchange
2000 accepts ALL mail before queueing Active Directory...is there any way to
defeat these Reverse NDR attacks? I have Googled until my eyes bled and can
only come up with solutions for Exchange 2003...
MY ENVIRONMENT:
Windows 2000 Server
Exchange 2000 Server Enterprise Edition
(Latest Service Packs and hotfixes applied)
My gratitude ahead of time...
|
|
|
|