?? 

definitely not eligible. where's the exploit? 

Patrick Bihan-Faou writes: 

> Well I guess that this one is definitely eligible for the "qmail security
> challenge".
>
> If you don't count that as a bug in qmail, then I don't know what is a
> bug...
>
> Patrick.
>
> "Scott Gifford" <[EMAIL PROTECTED]> wrote in message
> news:<[EMAIL PROTECTED]>...
>> Matt Brown <[EMAIL PROTECTED]> writes: 
>>
>> > This has been a feature of recent spam, which is probably why it's now
>> > an issue.  Several spam senders are now having sender addresses of
>> > <spammer>@<spamdomain>, where <spamdomain> resolves via DNS to
>> > '0.0.0.0'.
>> >
>> > Eventually qmail rejects the message because it recognises that it's
>> > looped around too much, of course. 
>>
>>   Right, but it's a very effective (perhaps inadvertent) DOS tool.  If
>> you can generate a stream of 10 messages/sec of these, it's the
>> equivalent of generating about 300 messages/sec --- a great way of
>> turning a puny dial-up connection into a mail server crushing machine. 
>>
>>   We had a spammer sending a huge number of messages to users at this
>> address (<sigh> their fake bounce addresses are now getting on each
>> others' list...), which was causing our not-processed queues to hover
>> around 100, which was causing regular messages to be processed very
>> slowly. 
>>
>>   Since qmail works around this simple mail loop for other addresses
>> referring to the local machine, it should do so for 0.0.0.0 as well. 
>>
>> ------ScottG. 
>>
> 
 



 ---------------------------------
Paul Theodoropoulos
[EMAIL PROTECTED]
Senior Unix Systems Administrator
Syntactically Subversive Services, Inc.
http://www.anastrophe.net
Downtime Is Not An Option 
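
Added example, not part of the original thread and not qmail code: one way to express the check suggested in the quoted message, treating 0.0.0.0 the same as loopback and the host's own addresses when choosing delivery targets, so that mail for such a domain bounces once instead of looping. The function names and the sample addresses are assumptions made for illustration.

```c
#include <arpa/inet.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical helper: 1 if connecting to `ip` would reach this host,
 * 0 if not, -1 if `ip` is not a valid dotted-quad IPv4 address. */
int is_self_address(const char *ip, const char *const *local_ips, size_t n_local)
{
    struct in_addr addr, local;
    if (inet_pton(AF_INET, ip, &addr) != 1)
        return -1;
    uint32_t host = ntohl(addr.s_addr);
    if (host == 0)              /* 0.0.0.0, the case raised in the thread */
        return 1;
    if ((host >> 24) == 127)    /* 127.0.0.0/8 loopback */
        return 1;
    for (size_t i = 0; i < n_local; i++)
        if (inet_pton(AF_INET, local_ips[i], &local) == 1 &&
            local.s_addr == addr.s_addr)
            return 1;           /* one of this host's configured addresses */
    return 0;
}

/* Copies the usable delivery targets from `mx_ips` into `out` (self-referential
 * and unparsable entries are dropped) and returns how many were kept.
 * A result of 0 means: bounce immediately rather than connect. */
size_t usable_targets(const char *const *mx_ips, size_t n_mx,
                      const char *const *local_ips, size_t n_local,
                      const char **out)
{
    size_t kept = 0;
    for (size_t i = 0; i < n_mx; i++)
        if (is_self_address(mx_ips[i], local_ips, n_local) == 0)
            out[kept++] = mx_ips[i];
    return kept;
}

int main(void)
{
    /* Constructed sample data using documentation-range addresses. */
    const char *local[] = { "192.0.2.10" };
    const char *mx[] = { "0.0.0.0", "127.0.0.1", "192.0.2.10", "198.51.100.7" };
    const char *out[4];
    size_t kept = usable_targets(mx, 4, local, 1, out);
    printf("%zu usable target(s)\n", kept);
    for (size_t i = 0; i < kept; i++)
        printf("  %s\n", out[i]);
    return 0;
}
```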
