About four months ago, I posed a problem to yahoo and hotmail about
a DOS attack against a mail server. It involved looping mail messages
between mail servers until the target was overwhelmed. They assured
me this was not possible - it had been thought of years ago and was
not possible.
Here I am, in charge of 46 servers, each running qmail. All of the have
root's mail forwarded to one server, where I POP in and get my mail.
As fate would have it, a couple servers were being brute-forced, and
they generated a bunch of mail. After a few hours, I reached my quota,
so qmail started bouncing the mail back to the originator. When the
originator received the mail, it forwarded it back to the one account,
which bounced it back to the originator, which forwarded it to the one
account, which bounced it . . .
After a few hours, the "target" slowed to a crawl. It had 61 MB of mail
in an account that was capped at 10 MB. Oops.
I bring this up for one BIG reasons: I read one of qmail's features was
built-in looping control. Apparently, I am doing something wrong with
my QMAIL configuration. Or else it does allow looping, which can be
really bad . . .
Does anyone know how I can keep this loop from happening again?
If this problem (and it's solution) has already been posted, I apologize,
but I thought it was important enough to be posted immediately.
Thank you in advance.
George Toft
WorldMarket Services, Inc
www.world-market.com
