Nicolas Noble <[EMAIL PROTECTED]> wrote:
>
> If somebody use a wrong local user during an SMTP connection to qmail,
> qmail won't say a "550 unknow user" but will later send a mail back to the
> sender. This is very annoying because anybody can use my smtp server to do
> mailbombing to somebody else like:
[snip]
Well known attack against any MTA that does/can not do local-part
verification during the initial SMTP conversation.
Nobody uses this attack -- for each message they inject, they can
provoke at most one bounce. It's quicker and easier for them to exploit
an open relay and amplify their attack a hundredfold.
> And doing so many times will causes the poor [EMAIL PROTECTED] mail
> bombed with
>
> "Hi. This is the qmail-send program at ...."
>
> and I'll get naturally flamed by this poor guy since I'd allow this to
> happend.
He's clueless if he does. Ignore him.
> Is there an issue about this?
No. You're imagining a problem where none exists.
Charles
--
-----------------------------------------------------------------------
Charles Cazabon <[EMAIL PROTECTED]>
GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/
-----------------------------------------------------------------------
