The idle-timeout-secs setting is 0 by default, which defeats the setting. This leaves the server vulnerable to a DoS, per trog in a recent post.
The use of this settings is thus highly recommended, and we feel that the default should be something other than 0 (iow, enabled). I think 300 is a reasonable default (although not necessarily optimal). I'm sure Sam had reason to choose 0 as a default, but I can't imagine what that would have been, other than not being able to determine what an appropriate default value would be. Sam? Does anyone have any thoughts on this that they'd like to share? -- -Eric 'shubes' _______________________________________________ spamdyke-users mailing list [email protected] http://www.spamdyke.org/mailman/listinfo/spamdyke-users
