I am running a MS Exchange 5.5 server and am getting hit with the NDR (non-delivery report) Reverse Spam Attack as described here: http://www.tek-tips.com/gviewthread.cfm/lev2/3/lev3/15/pid/10/qid/725829 As the thread describes, there is no way to just turn off NDRs in Exchange 5.5 - Microsoft is recommending third party utilities. What I am wondering is this - would it be possible to redirect SMTP to my Linux server, use iptables to check that the recipient matches a valid user from a list I'd supply, and, if so, route the message to the Exchange server? And, if no valid recipient is found, the message is simply dropped. Is this even a logical way to handle this situation? Should I be looking at something like snort instead? I'm all ears! Thanks, -- Adam Ellis <aellis@xxxxxxxxxxxxxx> SaberLogic
Attachment:
signature.asc
Description: This is a digitally signed message part