[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Possible denial of service exploit



Once Tai Samuel S PRC 61CS/SCBN 833-1648 wrote:
>smtpserver receives mail from a non-RFC822-compliant SMTP gateway that
>rewrites addresses as follows:
>
>To: <user@mydomain> becomes
>To: <"SMTP@gateway-name@Servers[<user@mydomain>]"@remote-domain>
>
>When the router tries to process this message, it consumes all swap
>space and pegs the uptime at 10; the hardware hangs afterwards.
>
>Needless to say, the only work-around I've found is to create a policy
>that states "rejectsource +" or "freezesource +" to the offending
>remote-domain.

	Newer zmailer has different canonicalize that does not
cause memory growth.
							alexis
-- 
		You can't teach a new mouse old clicks