>-----Original Message----- >From: Mariano Absatz [mailto:[EMAIL PROTECTED] >Sent: Thursday, July 29, 2004 9:41 AM >To: SURBL discussion list; SpamAssassin users list >Subject: SURBL DoS possible? > > >I was wondering... > >I didn't look at the source code for the SpamCopURI or the SA 3.0 >plugin but I guess it just looks for URI's within the messages and >issues a DNS query to the configured SURBLs for every different >canonicalized domain name... is it? > >What would happen if a spammer intentionally starts putting hundreds >of different invisible random URIs within the message trying to DoS >SURBL? > >Does the SA plugins check for this condition? Or have a limit as to >how many SURBL queries will it issue for a given message? > >TIA >
It picks a random sample of URLs. This was one of the main concerns when we started talking about this feature. We're always one step ahead of Mr. Spammy ;) --Chris
