funny, that's exactly what most of us over here thought. Not to mention the biggest response from our message to the folks was "cool, now i know how to DoS an Exchange server"
-alex On Wed, Nov 26, 2008 at 12:21 PM, Kurt Buff <[EMAIL PROTECTED]> wrote: > On Wed, Nov 26, 2008 at 11:07 AM, Alex Fontana <[EMAIL PROTECTED]> > wrote: > > Hi all, > > > > we've been dealing with a few databases hitting the soft quota on named > > properties. After a bit of digging and combing over all of the event ID > > 9873 events we had been logging we found that a set of users were > generating > > hundreds of new named properties each day. They were specifically > > introducing new x-headers like "x-offlineimap-message_guid" for every > > message they were synching between thier IMAP client and the mailbox. We > > contacted these users and one of them (they're all engineers of course) > was > > able to write a patch that changed the behavior from creating a unique > > x-header to defining a single x-header wtih a unique data string to > identify > > the individual messages, thus allowing them to keep using the OfflineIMAP > > tool to synch thier IMAP clients to thier mailboxes. > > > > One of our users submitted a feature request to the dev of OfflineIMAP > and > > the patch writer submitted his patch: > > http://software.complete.org/software/issues/show/114 > > > > Just something else to look out for... > > > > -alex > > I consider this to be more of a design flaw with Exchange than > anything else. A new database entry for every new header entry is > shortsighted, and leads to easy DoS, unintentional or not. I assume > that the idea is to be able to index on the property, but it just > doesn't work well. > > Kurt > > ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ > ~ http://www.sunbeltsoftware.com/Ninja ~ > ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja ~
