Mailinglist Archive: opensuse-security (575 mails)
| < Previous | Next > |
Re: [suse-security] DOS on sendmail daemon
- From: John Andersen <jsa@xxxxxxxxxxxxxx>
- Date: Sat, 2 Nov 2002 01:12:32 -0900
- Message-id: <200211021012.gA2ACXM12753@xxxxxxxxxxxxxx>
On Saturday 02 November 2002 12:40 am, Evert Smit wrote:
> here an example heder of how such a post looks like. because the mails are
> comming from various server, like ibm.com, compaq, yahoo, companies all
> over the world, blocking IP's will not make sence.
>
> i think we should call this a bounce attack, because that is eventually
> what happends... send out mails with wrong adresses to millions of
> computers and give a wrong adress and mail heder with... what happends..
> it bounces and the attack heads it's way to the requiret target.
>
But it will take as much resource to examine the headers as to
allow sendmail to handle it. The job is the same, whether sendmail
does it or the thing you want to put in front of sendmail.
If you don't relay, sendmail gets rid of these very quickly.
Still there are other MTAs that may be a bit more efficient
than sendmail, but the process of changing may be
not something you want to do on the fly.
--
_________________________________________________
No I Don't Yahoo!
And I'm getting pretty sick of being asked if I do.
_________________________________________________
John Andersen / Juneau Alaska
> here an example heder of how such a post looks like. because the mails are
> comming from various server, like ibm.com, compaq, yahoo, companies all
> over the world, blocking IP's will not make sence.
>
> i think we should call this a bounce attack, because that is eventually
> what happends... send out mails with wrong adresses to millions of
> computers and give a wrong adress and mail heder with... what happends..
> it bounces and the attack heads it's way to the requiret target.
>
But it will take as much resource to examine the headers as to
allow sendmail to handle it. The job is the same, whether sendmail
does it or the thing you want to put in front of sendmail.
If you don't relay, sendmail gets rid of these very quickly.
Still there are other MTAs that may be a bit more efficient
than sendmail, but the process of changing may be
not something you want to do on the fly.
--
_________________________________________________
No I Don't Yahoo!
And I'm getting pretty sick of being asked if I do.
_________________________________________________
John Andersen / Juneau Alaska
| < Previous | Next > |