Mail Bombing

Posted on 8:34 PM by Bharathvn

Mail Bombing
The first time I was mail bombed was almost ten years ago. Once I left my email address in a chat room (I had never done this before). As my bad luck would have it, there was a beginning hacker sitting there who flooded my mailbox with mail bombs.

So what is a mail bomb? Mail bombing sends a massive amount of email to a specific person or system. A huge amount of mail may overfill the victim's mailbox, making it impossible to receive legitimate messages.

At first, it may seem that this attack is easy to protect against: All you have to do is increase the mailbox size or remove the size limit. But this is the worst thing that could be done: With a limited mailbox size, a successful mail bomb attack will take out only one mailbox. With an unlimited mailbox size, a successful DoS attack can be carried out against the entire server.

Mail messages are the only way for an unauthorized person to upload information onto a server. When an email message is received at a server, it is stored on the server's hard drive until it is downloaded by the user when the mail is checked. Sending a constant flow of messages to a mailbox of unlimited size will fill the entire hard drive, and the server will no longer be able to receive messages into any of its mailboxes.

The worst situation that can be caused by mail bombing is when mailboxes are located in the default directory, which is /var. If this directory is filled, the server will no longer be able to write service information to it. The /var directory is also used to store security logs. If these logs cannot be updated, the server will become inaccessible.

Thus, the mailbox disk space must be limited. It is preferable to lose one or even a few mailboxes than to lose the entire server.

There is no foolproof defense against mail bombing. You can, however, make it more difficult for the perpetrator to carry it out. This can be done with the help of the parameters considered in earlier pages. Moreover, the maximum size of a single message that can be received to a mailbox can be limited to a reasonable size using the MaxMessageSize parameter. This will make the miscreants' job more difficult because they will have to send many small messages instead of one large message.