> Well I guess that this one is definitely eligible for the
> "qmail security challenge".
> 
> http://web.infoave.net/~dsill/qmail-challenge.html

        I don't think so.  The challenge says:

"Bugs that qualify for the prize, subject to the other conditions
 outlined in these rules, must be one of the following: 
- Remote exploits that give login access. 
- Local or remote exploits that grant root privileges. 
- Local or remote exploits that grant read or write access to a
  file the user can't normally access because of UNIX access controls
  (owner/group/mode). 
- Local or remote exploits that cause any of the long-lived qmail
  processes (currently: qmail-send, qmail-rspawn, qmail-lspawn, or
  qmail-clean) to terminate."

        This attack merely causes messages to loop a bit before bouncing.
This barely even qualifies as a DOS attack.

        Note also that at http://cr.yp.to/qmail/guarantee.html:

"I also specifically disallowed denial-of-service attacks: they are present
in every MTA, widely documented, and very hard to fix without a massive
overhaul of several major protocols"


-- 
        gowen -- Greg Owen -- [EMAIL PROTECTED]
              SoftLock.com is now DigitalGoods!
 
