Protecting Against Denial-of-Service Attacks


Denial-of-service attacks are generally difficult to guard against. However, Exchange 2003 includes settings that can help you protect against such attacks.

The message limit parameters configured on the SMTP virtual server allow you to specify a maximum number of recipients per message, a maximum message size, a maximum number of messages per connection, and so on. These limits can help prevent denial-of-service attacks that stem from mail transport.

Another type of denial-of-service attack could originate from sending a large number of e-mail messages to a particular server until it runs out of disk space. To minimize this possibility, you can set storage limits on mailboxes and public folders. By default, Exchange 2003 does not accept messages larger than 10 MB. In addition, you should configure the SMTP virtual servers on the Internet-facing gateway server to disallow messages that are larger than 10 MB. The maximum message size configured on an SMTP virtual server is enforced earlier in message processing than the Exchange-defined limit, so oversized messages are rejected before they consume further resources.

Note

Because replication needs likely require the transfer of large messages, you should not configure internal (non-Internet facing) SMTP virtual servers to disallow messages larger than 10 MB.
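The following audit script is an added example, not part of the Exchange 2003 documentation: it reads the configured limits of one SMTP virtual server and reports any that disagree with the guidance above (Internet-facing servers should cap messages at 10 MB, internal servers should not). It assumes the IIS 6 SMTP metabase property names MaxMessageSize, MaxSessionSize, MaxRecipients and MaxBatchedMessages, read through ADSI on the local server, and that a value of 0 means no limit; confirm these names against your own metabase before acting on the output.

```powershell
# Added audit script (not from the Exchange documentation). Assumed metabase
# properties: MaxMessageSize (bytes), MaxSessionSize (bytes per connection),
# MaxRecipients (per message), MaxBatchedMessages (per connection); 0 = unlimited.
param(
    [switch]$InternetFacing,        # set when the virtual server is on the Internet-facing gateway
    [string]$VirtualServerId = "1"  # metabase instance id of the SMTP virtual server
)

$tenMB = 10 * 1024 * 1024
$vs = [ADSI]"IIS://localhost/SMTPSVC/$VirtualServerId"
$findings = @()

$maxMsg   = [int64]$vs.MaxMessageSize.Value
$maxSess  = [int64]$vs.MaxSessionSize.Value
$maxRcpt  = [int64]$vs.MaxRecipients.Value
$maxBatch = [int64]$vs.MaxBatchedMessages.Value

if ($InternetFacing) {
    # Gateway rule: reject anything larger than 10 MB (unlimited counts as a finding).
    if ($maxMsg -eq 0 -or $maxMsg -gt $tenMB) {
        $findings += "MaxMessageSize is $maxMsg bytes; Internet-facing servers should reject messages over 10 MB"
    }
} elseif ($maxMsg -ne 0 -and $maxMsg -le $tenMB) {
    # Internal rule: a cap at or below 10 MB would block replication traffic.
    $findings += "MaxMessageSize is $maxMsg bytes; internal servers should not block messages over 10 MB"
}

# Per-connection limits that blunt transport-based denial of service.
if ($maxRcpt -eq 0)  { $findings += "MaxRecipients (recipients per message) is unlimited" }
if ($maxBatch -eq 0) { $findings += "MaxBatchedMessages (messages per connection) is unlimited" }
if ($maxSess -eq 0)  { $findings += "MaxSessionSize (bytes per connection) is unlimited" }

if ($findings.Count -eq 0) {
    "SMTPSVC/$VirtualServerId: configured limits match the guidance"
} else {
    $findings | ForEach-Object { "SMTPSVC/$VirtualServerId: $_" }
}
```

Run it once per SMTP virtual server, adding -InternetFacing on the gateway so the correct rule is applied.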

In addition, on a Windows Server 2003 installation, Exchange 2003 uses Internet Information Services (IIS) application pools to mitigate denial-of-service attacks.

For information about how to administer these various settings, see the Exchange Server 2003 Administration Guide.