[ 
https://issues.apache.org/jira/browse/JAMES-1427?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13616671#comment-13616671
 ] 

Andrzej Rusin edited comment on JAMES-1427 at 3/28/13 9:35 PM:
---------------------------------------------------------------

The patch creates org.apache.james.smtpserver.fastfail.MaxUnknownCmdHandler, which 
can be used like this:

    <handler class="org.apache.james.smtpserver.fastfail.MaxUnknownCmdHandler">
      <maxUnknownCmdCount>10</maxUnknownCmdCount>
    </handler>

Drops the connection after 10 unknown commands. Tested. Depends on JAMES-1494.
                
was (Author: arusin):
The patch creates org.apache.james.smtpserver.fastfail.MaxUnknownCmdHandler, 
which can be used like this:

    <handler class="org.apache.james.smtpserver.fastfail.MaxUnknownCmdHandler">
      <maxUnknownCmdCount>10</maxUnknownCmdCount>
    </handler>

Drops the connection after 10 unknown commands. Tested.
                  
> DoS scenario(s) in SMTP server
> ------------------------------
>
>                 Key: JAMES-1427
>                 URL: https://issues.apache.org/jira/browse/JAMES-1427
>             Project: James Server
>          Issue Type: Bug
>          Components: SMTPServer
>    Affects Versions: 3.0-beta3
>            Reporter: Andrzej Rusin
>         Attachments: JAMES-1427.patch
>
>
> 1. The SMTP server allows an unlimited number of invalid commands, which may waste 
> network bandwidth.
> 2. The invalid commands go straight to the logs with level INFO, which can 
> easily fill up the server disk.
> Additionally:
> 3. After the max message size is reached, the SMTP server denies the message, 
> but the client keeps sending, which makes the remaining part of the message go 
> straight to the log because of 2.
> Ideas to fix:
> A. Do not log more than N invalid commands per connection - solves 2,
> B. Drop the connection after the Nth (consecutive?) invalid command - solves 1 and 2,
> C. (This one is questionable) Drop the connection after the max message size is 
> reached - solves 3

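An added sketch, not part of the JIRA message or the attached patch: a per-connection counter that combines ideas A and B from the issue, capping how many invalid commands are logged and ending the session at the configured limit. The class name, the verb set, the `maxLogged` parameter and the 64-character log prefix are assumptions for illustration, and the counter is a total per connection rather than consecutive.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.Locale;
import java.util.Set;

/** Per-connection limiter for unrecognised SMTP verbs (hypothetical, not James code). */
public class UnknownCommandLimiter {
    enum Action { PROCESS, REJECT, DISCONNECT }

    // Assumed verb set for the sketch; a real server would ask its command registry.
    private static final Set<String> KNOWN = Set.of(
        "HELO", "EHLO", "MAIL", "RCPT", "DATA", "RSET", "NOOP", "QUIT");

    private final int maxUnknown;  // plays the role of maxUnknownCmdCount
    private final int maxLogged;   // idea A: cap on logged invalid lines (assumed knob)
    private int unknownCount = 0;
    final List<String> log = new ArrayList<>();  // stands in for the INFO log

    UnknownCommandLimiter(int maxUnknown, int maxLogged) {
        this.maxUnknown = maxUnknown;
        this.maxLogged = maxLogged;
    }

    Action onLine(String line) {
        String verb = line.trim().split("\\s+", 2)[0].toUpperCase(Locale.ROOT);
        if (KNOWN.contains(verb)) {
            return Action.PROCESS;
        }
        unknownCount++;
        if (unknownCount <= maxLogged) {
            // Log only a bounded prefix so one long line cannot bloat the log.
            String shown = line.length() > 64 ? line.substring(0, 64) + "..." : line;
            log.add("unknown command #" + unknownCount + ": " + shown);
        }
        // Idea B: the Nth unknown command ends the session.
        return unknownCount >= maxUnknown ? Action.DISCONNECT : Action.REJECT;
    }

    public static void main(String[] args) {
        UnknownCommandLimiter session = new UnknownCommandLimiter(10, 3);
        // Constructed input: one valid verb, then up to 12 junk lines.
        System.out.println("EHLO -> " + session.onLine("EHLO client.example"));
        for (int i = 1; i <= 12; i++) {
            Action a = session.onLine("JUNK" + i + " payload");
            System.out.println("JUNK" + i + " -> " + a);
            if (a == Action.DISCONNECT) break;
        }
        System.out.println("log lines written: " + session.log.size());
    }
}
```

With the limits above, the tenth junk line returns DISCONNECT and only the first three invalid lines reach the log.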