
Re: "Errormail" attaches whole bad message - and creates deadlock



Hello.

I can see an easy way to create intentional DoS attacks using
this feature. The targets are secondary MXers which do not
immediately reject a message to a non-existent user. There is a big
chance that <postmaster> is also not local at these hosts.

Just saying HELO, looking at the SIZE response and generating a
50-bytes-smaller SMTP message. Repeat until LA=50 or
/var/spool/postoffice is exhausted.

Right?

Alexey

On 19 Jan 01, at 18:32, Alexey Lobanov wrote:

> I can see that the current error notification scheme can create
> rare but heavy deadlocks in a mailserver.
> 
> I have several hosts with Zmailer, and all of them have the same SMTP
> message size limit (2 000 000 bytes.) Surely, I (postmaster) read
> mail at one of them, the other ones forward mail to me.
> 
> Now, a message of 1 999 950 bytes arrives to a valid user at one
> server and attempts to travel to another (i.e., better MX). But
> now it is 2 000 030 bytes because of the "Received:" string, and the next
> hop bounces it!
> 
> OK, this first situation is unpleasant but not dangerous. Nobody
> guarantees huge message delivery.
> 
> The next step is worse. Normally Zmailer creates error
> notification (forms/delivery) messages attaching the WHOLE
> bad-behaving message as a message/rfc822 attachment. This bundle is
> definitely bigger than the SMTP limit. And if <postmaster> mail is
> forwarded to another host, it is bounced too... creating a new huge
> error message... bounced again... new error... LA=1.5 until
> manual message kill.
> 
> The quick solution is just to require Postmaster to be local. I am
> not sure that it is a feasible limitation.
> 
> Some MTAs (i.e., Postfix) show smarter behavior: the attached bounced
> message is always cut to a safe (typically, 50 kb) size. That's
> enough both for sender and postmaster to identify the message and
> error reasons. Moreover, a good practice is to send message
> headers ONLY to postmaster, protecting sender privacy.
> 
> So, the question: how can I make Zmailer attach message
> headers ONLY to the error notification?
> 
> Alexey


====
Alexey Lobanov
al258-ripe
CPR, St.Petersburg
Head, IT Department
Phone +7-812-3468247
Fax +7-501-3468248, +7-812-3271408
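
The size arithmetic discussed in this thread, as an added example that is not part of the original messages and is not Zmailer code: it builds an error notification three ways (whole message, capped excerpt, headers only) and counts how many notifications are generated before one fits under the 2 000 000-byte limit. The function names, addresses and sample message are constructed for illustration; only the limit and the 50 kb figure come from the thread.

```python
from email.message import EmailMessage

SMTP_SIZE_LIMIT = 2_000_000  # per-host limit quoted in the thread
EXCERPT_CAP = 50 * 1024      # "safe" excerpt size mentioned in the thread

def excerpt(raw: bytes, mode: str) -> bytes:
    """Pick the part of the failed message to attach to the notification."""
    if mode == "full":        # whole message, as the thread describes
        return raw
    if mode == "truncated":   # capped excerpt
        return raw[:EXCERPT_CAP]
    if mode == "headers":     # header block only
        end = raw.find(b"\n\n")
        return raw if end == -1 else raw[:end + 1]
    raise ValueError(f"unknown mode: {mode}")

def build_bounce(raw: bytes, mode: str) -> bytes:
    """Build an error notification carrying the selected excerpt."""
    msg = EmailMessage()
    msg["From"] = "MAILER-DAEMON@mx2.example"  # constructed addresses
    msg["To"] = "postmaster@mx1.example"
    msg["Subject"] = "Delivery failure: message exceeds size limit"
    msg.set_content("The attached message could not be delivered.\n")
    subtype = "rfc822-headers" if mode == "headers" else "plain"
    msg.add_attachment(excerpt(raw, mode).decode("ascii", "replace"),
                       subtype=subtype)
    return msg.as_bytes()

def notifications_until_deliverable(raw, mode, max_hops=5):
    """Count notifications generated before one fits under the limit.

    Each oversized notification is rejected by the next hop and wrapped in
    a new one. Returns None if none fits within max_hops.
    """
    current = raw
    for hop in range(1, max_hops + 1):
        current = build_bounce(current, mode)
        if len(current) <= SMTP_SIZE_LIMIT:
            return hop
    return None

def sample_message(size: int) -> bytes:
    """Constructed test message of exactly `size` bytes."""
    head = (b"Received: from a.example by mx2.example\n"
            b"From: sender@a.example\nTo: user@mx1.example\n"
            b"Subject: large file\n\n")
    line = b"x" * 75 + b"\n"
    body = line * ((size - len(head)) // len(line))
    return head + body + b"y" * (size - len(head) - len(body))
```

With a 2 000 030-byte sample, the "full" mode never produces a deliverable notification, while "truncated" and "headers" both succeed on the first one.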