legacyteam
02-15-2007, 11:35 PM
I am having a major issue. My X-Cart based site has been the victim of DDOS attacks.
Now, everything was fine until the attackers placed a test order and the Email
Headers (in the Order Notification Email) exposed the hidden IP address.
Shortly after, that server was DDOS'd and shut down.
I have the actual website running through a protected proxy
(the actual server IP hosting the site is NOT PROTECTED AND THEREFORE hidden)
Then I have a SEPERATE EMAIL SERVER (which is also protected)
My problem is this....
I require customization so that the X-CART function mail() CAN send through the secure mail server.
PLEASE KEEP IN MIND:
The Xcart Website server is a hidden backend server (IT IS NOT PROTECTED AND MUST REMAIN HIDDEN).
It cannot 'generate' or 'relay out' any email which would reveal its IP address.
It cannot SMTP connect 'through' a mail relay, or the xcart server's IP will be revealed in the SMTP Header.
I need xcart to 'connect' to a script on the protected mail server and 'pass' the order information to the mail server.
Then, the script which is running on the mail server will GENERATE the order reply and send it to the customer.
This is a general description of the problem, how it gets solved is not specifially imporant and you may suggest anything you think will work.
The only requirement is that the xcart server's IP can NOT be revealed in any communications with the public or end user.
Is this possible and how can I get it done...any advice or assistance is GREATLY appreciated!!!
Now, everything was fine until the attackers placed a test order and the Email
Headers (in the Order Notification Email) exposed the hidden IP address.
Shortly after, that server was DDOS'd and shut down.
I have the actual website running through a protected proxy
(the actual server IP hosting the site is NOT PROTECTED AND THEREFORE hidden)
Then I have a SEPERATE EMAIL SERVER (which is also protected)
My problem is this....
I require customization so that the X-CART function mail() CAN send through the secure mail server.
PLEASE KEEP IN MIND:
The Xcart Website server is a hidden backend server (IT IS NOT PROTECTED AND MUST REMAIN HIDDEN).
It cannot 'generate' or 'relay out' any email which would reveal its IP address.
It cannot SMTP connect 'through' a mail relay, or the xcart server's IP will be revealed in the SMTP Header.
I need xcart to 'connect' to a script on the protected mail server and 'pass' the order information to the mail server.
Then, the script which is running on the mail server will GENERATE the order reply and send it to the customer.
This is a general description of the problem, how it gets solved is not specifially imporant and you may suggest anything you think will work.
The only requirement is that the xcart server's IP can NOT be revealed in any communications with the public or end user.
Is this possible and how can I get it done...any advice or assistance is GREATLY appreciated!!!