On 13 Aug 2004 at 8:41, Steffen Kaiser wrote: > > It's an optional part of SMTP that doesn't have to be supported, and > > does have some security issues. > > Which ones? > It simply triggers a queue run filtering mail for a target server.
Depending on the ability of your sendmail installation to determine spoofed connections, it *can* result in a DoS type of behavior. Based on the "MinQueueAge" and "Timeout.hoststatus" in sendmail.cf, it's possible to use a spoofing system to keep e-mail from getting to the right place in a timely fashion. Basically, you spoof to start the queue run and the server tries to send to the unconnected system. This generates a "touch" of the queue and a refresh of the host status directory (to failure). When the *real* place connects up to the Internet and calls to execute the ETRN, nothing gets sent because things had been tried sooner than the timeouts. The system hangs up off the Internet assuming that there is no mail. This could in theory go on long enough to result in a "non- deliverable" e-mail. -- Jeff Rife | "You keep using that word. I do not think it SPAM bait: | means what you think it means." [EMAIL PROTECTED] | [EMAIL PROTECTED] | -- Inigo Montoya, "The Princess Bride" _______________________________________________ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
