On Tue Feb 03, 2009 at 20:49:58 +0000, Martin A. Brooks wrote: > If it were possible, http://how.would.you.com/ deal with > http://people.deliberately.co.uk/ seeding emails with > http://non-existant.domains.com/ and thus DoSing your server while it's > wating for http://dns.timeouts.cx/ ?
In general it works well, because people don't often maliciously poison their messages. You're right about timeouts though - this is the log from one message I tested earlier today: URIBL: checking sub-host imsantv47.netvigator.com URIBL: checking sub-host timezone8.biglist.com ... URIBL: checking sub-host www.eset.com ... uribl: listed in multi.uribl.com: rejected, see http://lookup.uribl.com/?domain=xxxx.com 81 lookups finished in 30.00 sec (1 match) 81 URLs in one message. That's the most today, but I've certainly seen higher. Now that I've thought about it I should probably randomize the order and only test the first 32 or so. Unfortunately I don't think this would be a trivial thing to do in exim - I do it externally. Steve -- -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
