On Fri, Apr 17, 2009 at 9:12 AM, Robert Burrell Donkin <[email protected]> wrote:
<snip> >> In section 4.1.1.10. the RFC also says that "The receiver MUST NOT >> intentionally close the transmission channel until it receives and >> replies to a QUIT command". > > yes > > however, this behaviour is a real PITA for servers and enables DOS > attacks. I'm not an expert but wouldn't you run a DOS attack between DATA and the dot? Send a few bytes, wait a few seconds, send a few bytes... Besides, a reasonable timeout wouldn't be a problem. Timeouts are also specified in section 4.5.3.2. in the RFC. > i would expect most commercial SMTP servers to allow this > part of the specification to be ignored. i expect most servers just > set a timeout on the socket (AIUI james does this by default) so the > connection will timeout after a suitable period of inactivity. the > problem is that this server is particularly (and unusually) aggressive > in terminating the connection. > > - robert --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
