ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzair_5.4.0.1/controlsmtpaccess.htm

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
  PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="concept" />
<meta name="DC.Title" content="Control Simple Mail Transfer Protocol access" />
<meta name="abstract" content="To prevent your server from being attacked by malicious or unsolicited mail (spam), you should control Simple Mail Transfer Protocol (SMTP) access." />
<meta name="description" content="To prevent your server from being attacked by malicious or unsolicited mail (spam), you should control Simple Mail Transfer Protocol (SMTP) access." />
<meta name="DC.Relation" scheme="URI" content="rzairplanseccontrol.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2004, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2004, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="controlsmtpaccess" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Control Simple Mail Transfer Protocol access</title>
</head>
<body id="controlsmtpaccess"><a name="controlsmtpaccess"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Control Simple Mail Transfer Protocol access</h1>
<div><p>To prevent your server from being attacked by malicious or unsolicited
mail (spam), you should control Simple Mail Transfer Protocol (SMTP) access.</p>
<p>If you want to allow SMTP clients to access your iSeries™ server, you should protect your
server from attack by performing the following tasks:</p>
<ul><li>If possible, avoid using an *ANY *ANY entry in the system distribution
directory. When your server does not have an *ANY *ANY entry, it is more difficult
for someone to attempt to use SMTP to flood your server or overwhelm your
network. Flooding occurs when your auxiliary storage is filled with unwanted
mail that is being routed through your iSeries to another server.</li>
<li>Set adequate threshold limits for your auxiliary storage pools (ASPs)
to prevent a user from swamping your server with unwanted objects. You can
display and set the thresholds for ASPs by using either system service tools
(SST) or dedicated service tools (DST).  Independent disk pools in the Backup
and recovery topic provides more information about ASP thresholds. </li>
<li>Tune the maximum number of prestart jobs that will be created by doing
a CHGPJE. This will limit the number of jobs created during a denial of service
attack. The default is 256 for the maximum threshold. </li>
<li>Prevent outsiders from using your connection to send unsolicited e-mail
(spam) by restricting relays and connections.</li>
</ul>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzairplanseccontrol.htm" title="You should control who accesses your server through e-mail to protect your data from malicious attacks.">Control e-mail access</a></div>
</div>
</div>
</body>
</html>