Re: (fwd) Re: [Exim] Exim DoS - Delaying system performance …

Top Page
Delete this message
Reply to this message
Author: Steven Clarke
Date:  
To: exim-users
Subject: Re: (fwd) Re: [Exim] Exim DoS - Delaying system performance / system crash.
> I have not the time to read your code, but a quick glance suggests that
> you are just hammering the victim with many SMTP calls. Exim can be
> protected against such an attack by setting smtp_accept_max and
> smtp_max_per_host.


I think that you are misreading the code. It seems to be connecting to the
mail server, starting a SMTP session and then sending a 1Mb header line.
This doesn't seem to cause a DoS to Exim 3.12 so it looks like the changes
between 3.10 and 3.11 to improve memory allocation for headers worked.

Steve Clarke