Skip to main content
Article thumbnail
Location of Repository

Mail Non-Delivery Notice Attacks

By Stefan Frei, Ivo Silvestri and Gunter Ollmann

Abstract Abstract. Analysis of e-mail non-delivery receipt handling by live Internetbound e-mail servers has revealed a common implementation fault that could form the basis of a new range of DoS attacks. Our research in the field of e-mail delivery revealed that mail servers may respond to mail delivery failure with as many non-delivery reports as there are undeliverable Cc: and Bcc: addresses contained in the original e-mail. Non-delivery notification e-mails generated by these systems often include a full copy of the original e-mail sent in addition to any original file attachments. This behavior allows malicious users to leverage these mail server implementations as force multipliers and flood any target e-mail system or account. 1 of 18 Towards the end of 2002, the authors discovered that from time to time there were massive amounts of mail traffic destined for non existent e-mail accounts on ou

Year: 2010
OAI identifier: oai:CiteSeerX.psu:
Provided by: CiteSeerX
Download PDF:
Sorry, we are unable to provide the full text but you may find it at the following location(s):
  • (external link)
  • (external link)
  • (external link)
  • Suggested articles

    To submit an update or takedown request for this paper, please submit an Update/Correction/Removal Request.