To prevent your server from being attacked by malicious or unsolicited
mail (spam), you should control Simple Mail Transfer Protocol (SMTP) access.
If you want to allow SMTP clients to access your iSeries™ server, you should protect your
server from attack by performing the following tasks:
- If possible, avoid using an *ANY *ANY entry in the system distribution
directory. When your server does not have an *ANY *ANY entry, it is more difficult
for someone to attempt to use SMTP to flood your server or overwhelm your
network. Flooding occurs when your auxiliary storage is filled with unwanted
mail that is being routed through your iSeries to another server.
- Set adequate threshold limits for your auxiliary storage pools (ASPs)
to prevent a user from swamping your server with unwanted objects. You can
display and set the thresholds for ASPs by using either system service tools
(SST) or dedicated service tools (DST). Independent disk pools in the Backup
and recovery topic provides more information about ASP thresholds.
- Tune the maximum number of prestart jobs that will be created by doing
a CHGPJE. This will limit the number of jobs created during a denial of service
attack. The default is 256 for the maximum threshold.
- Prevent outsiders from using your connection to send unsolicited e-mail
(spam) by restricting relays and connections.