RE: Some Advice Please

  • From: "Shawn Moua" <smoua@xxxxxxxxxxxxxxx>
  • To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
  • Date: Thu, 5 Jan 2006 12:29:26 -0800

Just got the latest updates for my TippingPoint IPS device:

 

HTTP: Barracuda Spam Firewall Arbitrary Code Execution Vulnerability

       Category: Client/Server - Vulnerability

       Description:

       This filter detects attempts to exploit a

       vulnerability in the Barracuda Spam Firewall web

       interface.

 

Not sure if it's any help for you.  Try contacting Barracuda and see
what they can do.

 

Shawn.

 

-----Original Message-----
From: Rich Gallo [mailto:RGallo@xxxxxxxxxxxxxxxxx] 
Sent: Thursday, January 05, 2006 10:47 AM
To: [ExchangeList]
Subject: [exchangelist] RE: Some Advice Please
Sensitivity: Private

 

http://www.MSExchange.org/

Exactly, the number is huge.  It's up to 95K now!  Yeah, I also checked
IP addresses and there doesn't seem to be any commonality between them
but I'll keep checking.  Pulling my hair out indeed.

 

________________________________

From: Evan Mann [mailto:emann@xxxxxxxxxxxxxxxxxxxxx] 
Sent: Thursday, January 05, 2006 1:15 PM
To: [ExchangeList]
Subject: [exchangelist] RE: Some Advice Please
Sensitivity: Private

 

http://www.MSExchange.org/

The Barracuda device is SPAM filter, as well as virus protection,
spyware, and content filtering.  He want's to know if he is specifically
being attacked.

 

80k e-mails for 250 e-mail addresses in 15 hours is huge.  Being that
they are all blank seems a little odd. Not your typical spam I'd say,
and I've not heard of this happening to anyone.  I have noticed a very
small number of e-mails lately they had blank subject AND sender. First
time I noticed them so it's something new.  But not in that volume.

 

 


 

________________________________

From: Mike Dufoe [mailto:dufoem@xxxxxxxxxxx] 
Sent: Thursday, January 05, 2006 12:57 PM
To: [ExchangeList]
Subject: [exchangelist] RE: Some Advice Please
Sensitivity: Private

http://www.MSExchange.org/

Are you running any type of Spam software on your network?  If not, I'd
start off by purchasing one.  We use GFI and are quite impressed by it
as it works with AD.

 

 

 

Mike Dufoe
System Administrator
ETI Canada Inc. 

________________________________

From: Rich Gallo [mailto:RGallo@xxxxxxxxxxxxxxxxx] 
Sent: Thursday, January 05, 2006 12:40 PM
To: [ExchangeList]
Subject: [exchangelist] Some Advice Please
Sensitivity: Private

 

http://www.MSExchange.org/

We recently got a Barracuda Box (which is great by the way), and are
using it as our SMTP smart host relay for incoming and outgoing mail
from and to the outside world, respectively.  We are getting hit with a
HUGE amount of messages that are just empty (no TO:, no SUBJECT:, no
FROM:, nothing)  To give you an idea of just how many we are getting, we
have 250 users and since I set up the new spam box last night (15 hours
ago), we have received over 80,000 messages!  Most of which were
blocked...  My question is - Is this some sort of continued attack our
domain is under?  If so, what steps can I take to help fix, or slow
down, this problem? 

 

ANY Advice at all would be greatly appreciated as this stuff is killing
us!!!

 

 

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp 
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this MSExchange.org Discussion List as:
dufoem@xxxxxxxxxxx
To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Report abuse to info@xxxxxxxxxxxxxx 

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp 
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this MSExchange.org Discussion List as:
emann@xxxxxxxxxxxxxxxxxxxxx
To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Report abuse to info@xxxxxxxxxxxxxx 

--
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.371 / Virus Database: 267.14.13/221 - Release Date:
1/4/2006

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp 
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this MSExchange.org Discussion List as:
rgallo@xxxxxxxxxxxxxxxxx
To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Report abuse to info@xxxxxxxxxxxxxx 

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp 
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this MSExchange.org Discussion List as:
smoua@xxxxxxxxxxxxxxx
To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Report abuse to info@xxxxxxxxxxxxxx 


--
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.1.371 / Virus Database: 267.14.13/221 - Release Date:
1/4/2006



--
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.371 / Virus Database: 267.14.13/221 - Release Date:
1/4/2006


Other related posts: