At 11:30 AM Tuesday 3/23/99, Przemyslaw Frasunek wrote:
>My machine running qmail-1.03 can be heavly loaded by opening
>as much as possible concurrent connections and flooding with RSET
>and NOOP commands.
>
>It is possible to close connection after receiving i.e. 100 NOOPs or RSETs?
Yes, but how about if they sent 100 empty lines. Or 100 RCPT commands or 1
DATA command and 100 data lines?
If you allow the connection in the first place, then there is not a lot you
can do to distinguish a legitimate connection from a DOS connection so I'm
not sure I'd bother.
Of course you can control the maximum number of concurrent sessions by using
tcpserver so your inbound connections might run out, but your system wont
fill up.
Regards.
