[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: smtpserver DOS
On Thu, Nov 02, 2000 at 02:09:07PM +0300, Eugene Crosser wrote:
> This is rather silly case but I've recently been bitten by it more
> than once.
>
> When remote client comes in, receives 5xx of 4xx code but ignores it and
> continues to push data (esp. binary data), smtpserver's log is filled
> up by "550 Syntax error" messages causing fast consumation of disk space.
>
> Possibly repeating messages could be filtered out a la syslog?
> Or maybe smtpserver should just drop connection after some threshold?
PARAM max-unknown-commands 10
That doesn't, of course, help when a fly-by in the night spammer is using
broken scripts, which reconnect again and again..
PARAM tarpit 20 2
helps to slow down such bozos making the attack less attractive.
1999-10-30 Matti Aarnio <mea@mea.tmt.tele.fi>
* man/smtpserver.8, proto/smtpserver.conf.in, smtpserver/cfgread.c,
smtpserver/smtpserver.h, smtpserver/smtpserver.c,
smtpserver/smtpcmds.c:
A "tarpit" feature implementation per an idea from
Arjan van de Ven <arjan@NL.UU.NET>, plus
Mark Visser <mark@cal026031.student.utwente.nl>.
(Who reported of what postfix/vmail can do.)
2000-02-29 Matti Aarnio <mea@mea.tmt.tele.fi>
* smtpserver/smtpserver.c, smtpserver/smtpserver.h,
smtpserver/cfgread.c, smtpserver/smtpcmds.c:
- PARAM sum-sizeoption-value -- modify how MAIL FROM:<> SIZE=nn
option value is processed when compared against various limits
in the system -- if the option is present, effectively the
system required free space is message size multiplied by the
recipient count.
- PARAM max-unknown-commands nn -- how many pure junk commands
can be accepted before our side hungs the connection. Default
limit: 10
> Eugene
--
/Matti Aarnio <mea@nic.funet.fi>