Serge Knystautas wrote:
I agree with this. The type of DOS attack to worry about is the one that costs the perpetrator disproportionately less resources than the victim.
But right now you can write a 100-line program, which won't take much of any bandwidth (making it harder to spot the DoS), but will stop a James server from accepting any more incoming SMTP connections, either because it exhausts memory or exhausts the number of threads/handlers. This is why I raised this as potential DoS vulnerability.
If you had fast-fail or accepted the message, you would have to significantly increase the effort (be it connections or bandwidth) to bring that James server down.
ADK
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
