Re: (fwd) Re: [Exim] Exim DoS - Delaying system performance …

Top Page
This message is part of the following thread:
M\the complete thread tree sorted by date
MM 
MPhilip Hazel at ->
Delete this message
Reply to this message
Author: Steven Clarke
Date:  
To: exim-users
Subject: Re: (fwd) Re: [Exim] Exim DoS - Delaying system performance / system crash.
> I have not the time to read your code, but a quick glance suggests that
> you are just hammering the victim with many SMTP calls. Exim can be
> protected against such an attack by setting smtp_accept_max and
> smtp_max_per_host.

I think that you are misreading the code. It seems to be connecting to the
mail server, starting a SMTP session and then sending a 1Mb header line.
This doesn't seem to cause a DoS to Exim 3.12 so it looks like the changes
between 3.10 and 3.11 to improve memory allocation for headers worked.

Steve Clarke




This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [Exim] Using send_to_gateway on messages already queued[Exim] Retry DB: few questions->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)