[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Doug attack scenarios without SPF

To: Markus Stumpf <maex-lists-ietf-mxcomp@xxxxxxx>
Subject: Re: Doug attack scenarios without SPF
From: Dean Anderson <dean@xxxxxxx>
Date: Mon, 20 Nov 2006 14:04:27 -0500 (EST)
Cc: William Leibzon <william@xxxxxxxxxxx>, <ietf-mxcomp@xxxxxxx>
In-reply-to: <20061119024048.GF27919@xxxxxxx>
List-archive: <http://www.imc.org/ietf-mxcomp/mail-archive/>
List-id: <ietf-mxcomp.imc.org>
List-unsubscribe: <mailto:ietf-mxcomp-request@imc.org?body=unsubscribe>
Sender: owner-ietf-mxcomp@xxxxxxxxxxxx

On Sun, 19 Nov 2006, Markus Stumpf wrote:

> while I agree that there is some potential for a attack I don't see
> it as a really big problem.

I agree.

> 4) It is easy for the MTA to check for the length of the EHLO argument
>    and ensure that it fits in one UDP packet

The SMTP server should not try to resolve the EHLO/HELO argument.  
There is nothing to learn from by resolving this argument.  It just adds
to the DNS load, and it increases the time to handle a signle message.
This then reduces the rate at which the mail server can process
messages, and increases the resources consumed by the email server.  
(gun-foot-fire-aim)

-- 
Av8 Internet   Prepared to pay a premium for better service?
www.av8.net         faster, more reliable, better service
617 344 9000

References:
- Re: Doug attack scenarios without SPF
  - From: Markus Stumpf

Prev by Date: Re: Doug attack scenarios without SPF
Next by Date: Re: Doug attack scenarios without SPF
Previous by thread: Re: Doug attack scenarios without SPF
Next by thread: Re: Doug attack scenarios without SPF
Index(es):
- Date
- Thread