We provide mass mail service for approx. 20 000 users. Can I protect us service from dbmail-imapd DoS attack? :-|
22.11.07, 09:43, Jani Partanen ([EMAIL PROTECTED]): > Emh? > Why would someone of your system userslike to DoS you? Because after all > this can only happen if you are authenticated right? > So I don't believe that anyone here should be afraid of massive DoS wave :) > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] On Behalf Of umask > > Sent: Thursday, November 22, 2007 8:25 AM > > To: [EMAIL PROTECTED]; [email protected] > > Subject: Re: [Dbmail] dbmail-imapd eating CPU > > > > We're ignored... > > > > And waiting for mass DoS :( > > > > 21.11.07, 14:51, Marc Dirix ([EMAIL PROTECTED]): > > > > > I can confirm this problem, with using these same steps, dbmail > > > 2.1.7-svn. > > > On Wed, Nov 21, 2007 at 02:12:19PM +0300, umask wrote: > > > > wake up :) > > > > > > > > this bug is big security hole provides DoS and 100% CPU > > utilization. > > > > > > > > Please fix ASAP. > > > > > > > > > > > > 21.11.07, 08:18, umask ([EMAIL PROTECTED]): > > > > > > > > > It's big bug :( > > > > > Steps to reproduce. > > > > > telnet imap.server.net 143 > > > > > Trying 192.168.1.1... > > > > > Connected to imap.server.net. > > > > > Escape character is '^]'. > > > > > * OK IMAP4 ready > > > > > a001 login [EMAIL PROTECTED] password > > > > > a001 OK LOGIN completed > > > > > a002 noop > > > > > a002 OK NOOP completed > > > > > a003 SELECT INBOX > > > > > * 1 EXISTS > > > > > * 0 RECENT > > > > > * FLAGS (\Seen \Answered \Deleted \Flagged \Draft) > > > > > * OK [PERMANENTFLAGS (\Seen \Answered \Deleted \Flagged \Draft)] > > > > > * OK [UIDNEXT 791936] Predicted next UID > > > > > * OK [UIDVALIDITY 72365] UID value > > > > > a003 OK [READ-WRITE] SELECT completed > > > > > a004 SEARCH UID 1:279261 > > > > > * SEARCH 1 > > > > > a004 OK SEARCH completed > > > > > a005 FETCH -14:1 (UID FLAGS) > > > > > And dbmail-imapd proccess which handle IMAP connections > > enter in loop. > > > > > 20.11.07, 18:39, Marc Dirix ([EMAIL PROTECTED]): > > > > > > I don't think the top or ps outputs are that > > helpfull, can you > > > > > > provide: > > > > > > 1) mailbox size, message nummer etc for the mailbox that > > > > > > triggers te problem > > > > > > 2) Message, if you can determine which message > > triggers the problem. > > > > > > 3) Client, is it mailclient related? > > > > > > And maybe a Level5 log, so dev's can parse it. > > > > > > (please remove passwords, and sensitive data). > > > > > > Marc > > > > > > _______________________________________________ > > > > > > DBmail mailing list > > > > > > [email protected] > > > > > > https://mailman.fastxs.nl/mailman/listinfo/dbmail > > > > > _______________________________________________ > > > > > DBmail mailing list > > > > > [email protected] > > > > > https://mailman.fastxs.nl/mailman/listinfo/dbmail > > > > _______________________________________________ > > > > DBmail mailing list > > > > [email protected] > > > > https://mailman.fastxs.nl/mailman/listinfo/dbmail > > > _______________________________________________ > > > DBmail mailing list > > > [email protected] > > > https://mailman.fastxs.nl/mailman/listinfo/dbmail > > _______________________________________________ > > DBmail mailing list > > [email protected] > > https://mailman.fastxs.nl/mailman/listinfo/dbmail > > > > > _______________________________________________ > DBmail mailing list > [email protected] > https://mailman.fastxs.nl/mailman/listinfo/dbmail _______________________________________________ DBmail mailing list [email protected] https://mailman.fastxs.nl/mailman/listinfo/dbmail
