Re: [Exim] Exim DoS - Delaying system performance / system c…

Top Page
Delete this message
Reply to this message
Author: Philip Hazel
Date:  
To: Chris Knipe
CC: exim-users, bugtraq
Subject: Re: [Exim] Exim DoS - Delaying system performance / system crash.
On Tue, 4 Jan 2000, Chris Knipe wrote:

> For the first time since I have been using the popular Exim mailer daemon,
> I have come accross an possible (and fairly serious) DoS.


I have not the time to read your code, but a quick glance suggests that
you are just hammering the victim with many SMTP calls. Exim can be
protected against such an attack by setting smtp_accept_max and
smtp_max_per_host.


-- 
Philip Hazel            University of Cambridge Computing Service,
ph10@???      Cambridge, England. Phone: +44 1223 334714.