Stories
Slash Boxes
Comments
NOTE: use Perl; is on undef hiatus. You can read content, but you can't post it. More info will be forthcoming forthcomingly.

All the Perl that's Practical to Extract and Report

use Perl Log In

Log In

[ Create a new account ]

Matts (1087)

Matts
  (email not shown publicly)

I work for MessageLabs [messagelabs.com] in Toronto, ON, Canada. I write spam filters, MTA software, high performance network software, string matching algorithms, and other cool stuff mostly in Perl and C.

Journal of Matts (1087)

Tuesday March 19, 2002
03:41 PM

Mail DoS

[ #3650 ]

Had to look into a mail denial of service at work today. I was extremely surprised that a company the size of ours had never really dealt with an email DoS before. Unfortunately the guy was using open relays, and the DNS blacklists we offer to our clients didn't have the relays he was using listed. Bah. Spamcop did though, as did osirusoft and dorkslayers, so it looks like we're going to have to expand our blacklist usage somewhat.

People who start these things are really sad little idiots. It makes me wonder how Slashdot (and thus use.perl) deals with their DoS attacks, because I've rarely seen use.perl slow down much.

The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
 Full
 Abbreviated
 Hidden
More | Login | Reply
Loading... please wait.
  • I remember reading an article that most of the DoS attacks are the result of bots installed on unsuspecting home user's PC's.

    I also read that ZoneAlarm will pick these up (and stop them) while BlackIce Defender will not. I run the free version of ZoneAlarm at home for Windows and I have to say it works pretty good. It even prevented some nasty CTD hacks in online games that I was playing.

  • You don't use ORDB? (I could just look in my tinydns logs, but that's not fair :-) )

    If not, how come?

    --

    -- ask bjoern hansen [askbjoernhansen.com], !try; do();

    • I believe we do use ORDB, but this particular domain wasn't listed there.

      If we don't use any particular blacklist it's because we have to pay for them, since we do 7million emails a day - and free services wouldn't smile too kindly on that. I keep telling them to just install dnscache, but nobody listens to me - they installed bind instead. D'oh!