Toriss 2.0
oriss is an IIS plug-in that makes the SMTP service immune to Reverse NDR Attacks (a.k.a. Backscatter Spam). Instead of bouncing emails that are sent to invalid users, Toriss will reject the email as soon as the RCPT command is received. Microsoft left this important security feature out of IIS to motivate people to buy its $1500 ISA Server. However, this foolishly allows the server to be used to send spam by way of the Reverse NDR Attack. By sending spam to invalid users, the SMTP service will send a bounce-back to the forged From: header with the spam attached. As a result, InetpubMailrootQueue fills up with thousands of undeliverable bounce-backs, slowing down the whole system and making the SMTP service unresponsive. Toriss solves this problem completely.
Toriss also has the ability to reject unauthenticated connections from dynamic IP addresses. This technique is used by many large domains such as Hotmail and AOL to reduce spam. When this feature is enabled, your mail server will only accept email from computers with a static IP address, or if a user name and password is provided.