 |
|
|
ArGoStuff User to User Support Forums
|
 |
|
 |
| Author |
Messages |
|
mulmad
Posts: 5
Online: 
ArGoNuke Recruit
 |
| 05-05-2008 4:21 PM |
|
is ArGoSoft mail server pro 1.8.9.3 sending non-delivery report?
The mail server is bombarded with delivery attempts to non-existing users.
|
|
|
|
|
mcorrow
Forum Moderator
Posts: 192
Online:
ArGoNuke Lt. JG
|
| 05-05-2008 4:30 PM |
|
Attempts to send to invalid users could be a "phishing" attempt to find valid users. If I understand your question correctly, the server does not send NDR's , but the other server gets a response saying invalid user...
HTH |
|
Matt |
|
|
mulmad
Posts: 5
Online:
ArGoNuke Recruit
|
| 05-07-2008 9:21 AM |
|
I see. I just couldn't find any option in the mail server gui specifying if NDR reports are sent or not.
Is there a way to guard against these "directory-attacks" (where an email is sent to every word in the directory @domain.com)? |
|
|
|
|
mcorrow
Forum Moderator
Posts: 192
Online:
ArGoNuke Lt. JG
|
| 05-07-2008 9:36 AM |
|
Yes, you can "guard" against those by using lockout manager.. Set the time to be the amount of time that you want to refuse a connection, and the number of allowed connections to some low number... here's how it works: each time someone emails an invalid user, they get an entry in lockout manager (or their count is increased). If the count in lockout manager reaches the threshold that you have set, their connection will be terminated, and they will not be able to connect again until the timeout period has been reached.
I actually have mine set for 2 connections and a time period of 1439 minutes (one day)..
There is also another setting, "Max invalid commands" under the advanced tab that defines how many "invalid commands" a session can create before being terminated. I have mine set to 4. If a connection tries to send to 5 invalid email addresses during the same connection, they will be terminated. this also feeds into lockout manager.
So, turn lockout manager on (enable), set the number of connections, and the time, and you should be better protected against those attacks.
One other thing that we do here, I check the lockout table once or twice a day, and when I see an IP address that has more than the threshold in lockout manager(in my case anything more than 2) I add two years to the date in lockout manager, effectively refusing them access for two years for that IP address. In my case, anyone who has gotten over the threshold in lockout manager must have had multiple connections from the same IP address all at the same time, and must be on a "phishing" expedition...
HTH
|
|
Matt |
|
|
|
| You are not authorized to post a reply. |
|
|
|
ActiveForums 3.7
|
|
|
|
|
|
 |
| ArGoSoft Mail Server .NET v1.0.5.3 | |
Mail Server
- Added data rebuild external utitlity (MailServerReset.exe), and a popup menu option to
reset/rebuild user mailboxes and entire domain groups;
- Mailbags and domains now support a * wildcard as a subdomain name, e.g., *.argosoft.com includes
mail.argosoft.com, junk.argosoft.com, and so on...
- When bouncing messages to local addresses, using local delivery handler, which have been recently
used for local delivery... It turned out, it was not working when sending bounced messages to
local users, messages were going to the queue. This change will considerably reduce server load;
- Added a Sort by Email feature to distribution lists;
Web Interface
| | 7/28/2008 2:33:17 PM |
|
| Mid-Summer Promotion has ended |
We are wrapping up our mid-summer $50.00 off promotion.
The promotion was a great success. Over 70 users took advantage of our special offer. We are sure, it will help the further popularization of our software.
| | 7/15/2008 11:59:25 PM |
|
| Mid-Summer Promotion - Mail Server .NET |
We are launching mid-summer promotion with our Mail Server .NET. You can upgrade, or get a new license for $50.00 less until July 15 2008.
| | 7/4/2008 9:36:35 AM |
|
| ArGoSoft Mail Server .NET v1.0.5.2 | |
Mail Server
- Added Available Updates checking. Of course, it will show up only after we release
the next version... If new version is avialable, a link will be displayed on the bottom of
the UI, suggesting to upgrade
- "SMTP Log In" will be no longer be registered in the last login database, because it causes
confusion when the web interface displays last login protocol;
- Updated help files, now they reflect new Remoting services;
Web Interface
- "Wiping" of trash folder now works. With each login, messages, located in the
trash folder, and older than 3 days will be wiped out;
| | 6/16/2008 8:45:05 AM |
|
|
|
|
|
|
|
 |
 |
|
 |
|