A local user, eric, can set up .qmail-slow like this:
| sleep 3600
If Eric then sends a few hundred pieces of mail to eric-slow, qmail's
local queue will fill up, and local mail delivery will be stopped.
Incoming mail will not be delivered until Eric's 'sleep' processes
time out.
This attack may not be the result of malice; Eric may simply have a
complicated, slow MDA.
User process limits do not appear to be a good solution to this,
because with a normal local queue size (say 10, the default) and a
normal user process limit (say 64) Eric can still effectively prevent
local mail delivery.
Increasing the local queue size may not be an effective solution,
because that has other side effects that may be undesirable, and it
won't stop Eric anyway.
Has this been a problem for anyone in practice? It appears to
constitute a security problem that a single local user can shut down
all local mail delivery indefinitely.
