 |
 |
One of the new features that was rolled out on March 5th for mail.msu.edu was something we call the "penalty box." This feature is designed to stop dictionary attacks. A dictionary attack is where a program connects to a mail server and tries to send spam or a virus to a list of randomly generated usernames. This, while in itself is bad, has the potential side effect of creating an enormous amount of collateral spam. In some cases enough where we can DoS a small ISP (this has actually happened in the past). In an attempt to stop these attacks, we developed a mechanism to temporarily block mail from offending IP addresses (the penalty box). If a server connects to mail.msu.edu and sends to too many invalid recipients (an absolute minimum of 15), the server gets put into the penalty box for 24 hours. This means that there will be no mail allowed from the offending server for 24 hours. We are in the process of white listing all departmental e-mail servers. If you are responsible for a legitimate departmental e-mail server, please e-mail me with the server name, and your contact information so I can white list you. Thanks! ./matt -- m. kolb <[log in to unmask]>