There's a problem with this approach. Someone specifying a recipient
address of "[EMAIL PROTECTED]", with
sufficient intensity, can cause a DDOS attack. Although DB lookups are
relatively fast, this is still something that cannot be ignored.
This kind of attack can be mitigated by requiring a valid email address.
Two consecutive periods are illegal in a domain name.
Well, the address has to get by esmtpacceptmailfor list and the rfc822 parser first, from my reading of the code. The "a.a.a.a.domain.com" attack should only be feasible for domains that are explicitly listed as ".domain.com" in hosteddomains -- if ".domain.com" isn't listed in esmtpdacceptmailfor, then this block of code is never reached for anon users; and any domain "foobar.com" that is listed in esmtpdacceptmailfor would normally also be listed verbatim in hosteddomains (so db succeeds on first query; never causes lookups for ".com").
But Sam's right; when ".domain.com" is listed in hosteddomains, email to [EMAIL PROTECTED]".a"x470}.domain.com wouldn't be particularly good. Next time I'm in front of a machine that has dev tools installed, I'll work on adding a MAX_DOT_DEPTH into the code, compile-time set, with it defaulting to something like 12. The potential extra 11 lookups can only occur for domains that are explicitly listed as ".domain.com", so it shouldn't cause any additional db calls for any domain lacking a ".domain" entry. (This is also true for the current patch as it stands now.) Sam, would that be sufficiently safe?
best, Jeff
------------------------------------------------------- This SF.net email is sponsored by: SF.net Giveback Program. Does SourceForge.net help you be more productive? Does it help you create better code? SHARE THE LOVE, and help us help YOU! Click Here: http://sourceforge.net/donate/ _______________________________________________ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
