Hi Everybody,
I actually have two problems that are related to hacking issues using email:
- Mail-Relay: my client's SMTP server is being used as an SMTP relay to perform attacks or send SPAM on the Internet. This led to the fact that the client has been black-listed and is having problems using his email.
- Mail-Bomb: our server has received a mail-bomb (or what I thought to be a mail-bomb) since he was flooded by emails from several sources in a continuous way, and the received emails were trying to "reproduce" themselves on the server and get sent to new hosts.
- How can I provide a solution that will prevent these attacks or at least minimize their impact?
- Would an host-based IDS prevent any of these attacks from happening?
- Would you recommend a software to be installed on the SMTP server that will protect it from mail-relay and mail-bomb attacks?
Thank you in advance for any assistance.