Neither bouncing messages nor return receipts make sense for
ordinary messages. And for registered messages one needs
authentication and encryption anyway.
As far as DOS is concerned, amplification is much much higher.
The problem is this:
1) Hacker uses a tool to root compromise a few thousand home
computers.
2) Hacker installs a little program that sends empty emails with
your email address as return address to a selection of the
top 500 best connected mail hosts. It only sends a few hundred
to a few thousand emails at a time and then sleeps for a random
interval.
3) The well connected machines dutifully delivers bounce messages
to your mail server.
4) Amplification is very high. You send 100 bytes to generate a
2000 byte error message. That's 2000%.
Even worse, how do you ever trace this back or make it stop?
Somebody is going to write a program that does something like
this. We might as well turn bounces off now before that happens.
I don't think that it is the mail server's place to divulge
which addresses are valid and which are not.
Dirk
On Thu, Mar 02, 2000 at 03:18:25PM -0800, Russ Allbery wrote:
> Pavel Kankovsky <[EMAIL PROTECTED]> writes:
>
> > The error message is quite long. In fact, it is probably longer than
> > most email addresses, even with additional "rcpt to:". If you send an
> > empty message to many bogus recipients (limited only by the amount of
> > virtual memory available to qmail-remote), you can get > 100%
> > amplification easily (compared to your own network traffic).
>
> 100% amplification isn't particularly interesting. Most of the existing
> DoS attacks give you an order of magnitude of amplification or more.
>
> --
> Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>
