Hans Wilmer wrote:
Obviously you have to be authenticated as a user with privileges to create the folders. This is no different than saying you should connect to an IMAP server and append millions of messages -- the answer is still proper authentication and access controls.Sure, read RFC 2060. You'd do "tag CREATE user/username"How is this dealt with in respect to security and reliability?
Just write a script that logs in and automatically creates mailboxes
from randomly generated (user-) names until the storage is
full. That's sort of making DOS attacks utterly easy.
--
John A. Tamplin Unix System Administrator
Emory University, School of Public Health +1 404/727-9931
