On 25/08/2022 11:39, Tobias Fiebig via mailop wrote:
> An attacker may use an infinite number of SPF referrals in their SPF setting 
> and can send an email to a vulnerable mail server which would make the SMTP 
> server make a whole lot of DNS queries. By exploiting this vulnerability, an 
> attacker can block the SMTP queue of the server, flood the associated 
> recursive resolver, or any DNS authoritative server.

That requires a broken implementation for SPF lookups that has no limit.

You are yet another unethical research project that has been actively
attacking people running such broken implementations:

https://forum.iredmail.org/topic18756-iredapd-is-killed-by-spam-i-have-to-restart-every-few-hours.html


Increasing the limit only increases the number of potential DNS queries
from a single email, assuming no minimum cache time on the resolver. The
RFC needs to be updated to match the reality that a lot of email
services for the same domain are outsourced to multiple entities and so
there will be a lot of "include:" DNS queries.


I blocked your domain "net-measurement.org" back in February when you
sent an unsolicited message to one of my servers:

-------- Forwarded Message --------
Subject:        Measuring and understanding the behavior of SPF record lookup
Date:   Tue, 15 Feb 2022 17:49:20 +0600 (+06)
From:   Ubuntu <ashiq@[redacted].net-measurement.org>
To:     admin@[redacted], abuse@[redacted], postmaster@[redacted]

Hi,
We are a security team at Virginia Tech and we are currently measuring how SPF 
records are being looked up on your end. This is a one-time email and you will 
not receive any further emails from our end. If you do receive more than one 
email from us, please copy and paste the following link in your browser and 
contact us at the given email addresses. We do apologize for this matter and 
thank you for your understanding.

https://vtnetsec.notion.site/Measuring-and-understanding-the-behavior-of-SPF-records-look-up-in-SMTP-servers-4b95e74c017048e781a575eab03b405c
Please do not reply to this email, it is not monitored. If you'd like to 
contact us, please visit the given link above.

-- 
Simon Arlott
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
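An added example, not code from this thread or any of the implementations it mentions: a minimal SPF lookup-budget counter that applies the RFC 7208 limit of 10 DNS-querying terms across the whole include/redirect tree, run over constructed offline zone data with placeholder names. It shows how a correctly limited evaluator stops at "permerror" on long include chains and self-referencing records instead of issuing an unbounded number of DNS queries.

```python
import re

# Constructed, hypothetical zone data standing in for DNS TXT lookups (offline);
# the names are placeholders, not the domains discussed in the thread.
ZONE = {
    "example.org": ["v=spf1 include:a.example.org include:c.example.org -all"],
    "a.example.org": ["v=spf1 ip4:192.0.2.0/24 -all"],
    "c.example.org": ["v=spf1 mx a/24 -all"],
    "loop.example.org": ["v=spf1 include:loop.example.org -all"],
    "ten.example.org": ["v=spf1 " + "include:a.example.org " * 10 + "-all"],
    "eleven.example.org": ["v=spf1 " + "include:a.example.org " * 11 + "-all"],
}
LOOKUP_LIMIT = 10  # RFC 7208 section 4.6.4: at most 10 DNS-querying terms per evaluation
DNS_TERMS = {"include", "a", "mx", "ptr", "exists", "redirect"}
TERM_RE = re.compile(r"^[+\-~?]?([a-z0-9]+)(?:[:=]([^/]+))?", re.I)

class PermError(Exception):
    """Evaluation must stop; the SPF result is 'permerror'."""

def get_spf(domain, zone):
    # A missing or duplicated record inside an include is a permerror (RFC 7208 5.2);
    # the top-level 'none' result is not modelled here.
    recs = [t for t in zone.get(domain, []) if t == "v=spf1" or t.startswith("v=spf1 ")]
    if len(recs) != 1:
        raise PermError(f"{domain}: expected exactly one SPF record, found {len(recs)}")
    return recs[0]

def count_lookups(domain, zone, counter=None):
    """Count DNS-querying terms across the include/redirect tree. Raising as soon as
    the limit is exceeded is what bounds the DNS load a single message can cause."""
    if counter is None:
        counter = {"n": 0}
    for term in get_spf(domain, zone).split()[1:]:
        m = TERM_RE.match(term)
        name, arg = (m.group(1).lower(), m.group(2)) if m else (term, None)
        if name not in DNS_TERMS:
            continue  # ip4/ip6/all and unknown modifiers cost no DNS query
        counter["n"] += 1
        if counter["n"] > LOOKUP_LIMIT:
            raise PermError(f"{domain}: more than {LOOKUP_LIMIT} DNS lookups")
        if name in ("include", "redirect"):
            count_lookups(arg, zone, counter)  # recurse, sharing the same budget
    return counter["n"]

def check(domain, zone=ZONE):
    """Summarise the lookup budget as 'ok:<count>' or 'permerror:<reason>'."""
    try:
        return f"ok:{count_lookups(domain, zone)}"
    except PermError as e:
        return f"permerror:{e}"
```

A real evaluator would also cap the records returned by each "mx" and "ptr" lookup, and cache results per resolver, which this counter leaves out.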
