Am 08.01.2013 19:08, schrieb Wietse Venema: > Rafael Azevedo - IAGENTE: >> >> >>> Configurable, perhaps. But it would a mistake to make this the >>> default strategy. >>> >>> That would make Postfix vulnerable to a trivial denial of service >>> attack where one bad recipient can block all mail for all other >>> recipients at that same site. >> >> Not if it could me parametrized. As I said, what if we get 100 >> errors in sequence? > > Big deal. Now I can block all mail for gmail.com by getting 100 > email messages into your queue
how comes? how do you get gmail.com answer to any delivery from you with 4xx? if it is becasue the 100 messages you are already done because they reject still your messages and if the otehr side has some greylisting-like rules to reject messages from you as long there are not at least 5 minutes without anotehr connection it is even easier to block you with the current behavior by sending one message per minute after the treshhold is reached the first time because you will never go under the 5 minutes
signature.asc
Description: OpenPGP digital signature
