ABSTRACT

E-Mail Bombs and Countermeasures: Cyber Attacks on Availability and Brand Integrity

The simplicity of SMTP mail, combined with the robustness of the sendmail MTA program, can be misused in numerous ways to create extraordinary and powerful email bombs. These E-mail bombs can be launched in many different attack scenarios which can easily shut down chains of SMTP mail servers. Sendmail-based SMTP mail relays can also be used covertly to distribute messages and files that could be potentially damaging to the integrity and brands of victims. This article discusses mail-bombing techniques, automated attack tools, and countermeasures. Also discussed is an actual Internet-based attack that was launched in 1997 on the Langley AFB SMTP email infrastructure. The authors also present an analysis of the cyber attack, graphs illustrating the attack volume, and a statistical e-mail bomb early warning system.