On Sun, 6 Feb 2000, robert rotman wrote:
> i have this in my "local_domains":
> --------
> localhost:mysql;select domain from mail where domain='$key'
> --------
I don't think that is a very sensible kind of configuration. The manual
has this to say:
6.5 Temporary errors in lookups
Lookup functions can return temporary error codes if the lookup cannot be
completed. (For example, a NIS or LDAP database might be unavailable.) When
this occurs in a transport, director, or router, delivery of the message is
deferred, as for any other temporary error. In other circumstances Exim may
assume the lookup has failed, or may give up altogether. It is not advisable
to use a lookup that might defer for critical options such as (to give an
extreme example) local_domains.
> so exim had to send 50.000 select statements which are all the same
> to the database.
> (btw.: i read in the doc's that this queries schould be cached...
> but exim -d 9... show's that they are not...)
They are only cached within one Exim process. If you've got 50,000
messages, there will be 50,000 processes.
> what can i do to prevent such "attac's"?
If you really have to keep your primary list in a database, I suggest
you invent some scheme whereby you can generate a file with a faster
access method for Exim to use when it is running. For example, a cdb
file.
> i guess maybe there is a simple sollution, but a cant figure it out....
It is very hard to guard against all possible attacks.
--
Philip Hazel University of Cambridge Computing Service,
ph10@??? Cambridge, England. Phone: +44 1223 334714.