An intelligent method to block e-mail bombs

摘要

It is hard to block e-mail bombs because they are usually sent by normal SMTP (Simple Mail Transfer Protocol) applications with fake mail sender addresses and IP addresses. Fortunately, original network packets contain real IP address information anyway. Collecting and analyzing these packet contents can help an administrator to realize where the e-mail bombs are coming from and block them. This article presents a simple method that uses a bandwidth manager device to collect and analyze packets to get e-mail bombs information as well as to block e-mail bomb source IP addresses in routers. In practical application experiences at the computer center in a university, this method blocked e-mail bombs simply and effectively. Furthermore, a fuzzy inference system was also designed to help identify e-mail bombs. Its fuzzy membership functions could be adapted using the fuzzy neural network learning method. In brief, the proposed method affords an automatic and adaptable alarm to find e-mail bombs.