Russell Nelson <[EMAIL PROTECTED]> wrote:
>
> Hmmm.... I wonder. I could do a denial of service attack on
> qmail-remote by receiving email very, very slowly, and by sending
> email to a server which is guaranteed to be received and guaranteed to
> bounce. qmail doesn't keep track of very slow hosts, but only hosts
> that time out.
I've been thinking along the same lines. qmail-smtpd would seem to also be
vulnerable to this (not that this is djb's fault). Lowering timeoutremote and
timeoutsmtpd from their defaults of 1200 would help against this problem
cropping up due to genuinely slow servers, but not against a deliberate attack
(send one byte every ten minutes, or two minutes, or whatever, tying up a
qmail-smtpd process for an indefinite period).
Perhaps something like a "maxlifetime" control file for qmail-remote and
qmail-smtpd? At process startup, set an alarm for X seconds -- if the ALRM is
received, abort the connection as gracefully as possible (i.e. try to send
RSET and QUIT in qmail-remote, issue a 4xx error in qmail-smtpd) but quit
regardless of whether these attempts to quit gracefully are successful or not.
It doesn't sound too complicated. Anybody see any major issues with this?
Charles
--
-----------------------------------------------------------------------
Charles Cazabon <[EMAIL PROTECTED]>
GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/
Any opinions expressed are just that -- my opinions.
-----------------------------------------------------------------------
