On Fri, 12 Jan 2001, Suresh Ramasubramanian wrote:
> If you set this
>
> > message_size_limit=300K
>
> what you'll get is
>
> mail from: <foo@???> SIZE=[size]

Not absolutely strictly true. If the client starts the session with
EHLO, Exim advertises its support for SIZE=. If then the client chooses
to use the SIZE= facility, it will indeed send that command and will get
an immediate error code if the value is too big.

If, OTOH, the client does not send SIZE= on the MAIL command, Exim has
to find out the size by reading the message. (Actually, it does this
anyway, because the client may have lied in its SIZE= value.) Because of
the way the SMTP protocol is defined, Exim cannot return a response until
it has received the entire message. However, once it has hit the size
limitation, it just sits there throwing away the incoming data until the
end is reached.

I guess this does admit a DOS attack in that it uses an SMTP incoming
channel. However, there are plenty of similar things: a client could
connect, start a message, and then send one byte of data every 4
minutes, say (since the usual timeout is 5 minutes). This takes a very
long time even before it hits a limit as modest as 300K.

I guess the only way round this would be to put an overall limit on the
real time taken to receive a message. It would have to be at least an
hour, I would think. Is there any real need for this?
--
Philip Hazel University of Cambridge Computing Service,
ph10@??? Cambridge, England. Phone: +44 1223 334714.
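
The three limits discussed in this message (the SIZE= value checked at MAIL time, the size limit enforced while reading DATA, and the proposed overall real-time limit), modelled as an added example that is not Exim code and not part of the original post. Function names, verdict strings and the timed-event input are assumptions; the 300K limit, 5-minute timeout and one-hour figure come from the text above.

```python
# Added illustration of the receiving side; not Exim's implementation.
TERMINATOR = b"\r\n.\r\n"   # SMTP end-of-data marker


def check_declared_size(declared, size_limit=300 * 1024):
    """MAIL FROM:<...> SIZE=n can be refused at once, before any data is sent."""
    if declared is not None and declared > size_limit:
        return "reject-at-MAIL"
    return "continue"       # still verified while reading: SIZE= may be a lie


def receive_data(events, size_limit=300 * 1024, idle_timeout=300,
                 overall_limit=3600):
    """events: iterable of (seconds_since_DATA, chunk) in arrival order.

    Returns (verdict, bytes_read, bytes_stored). The byte count includes the
    terminator, a simplification that keeps the example short.
    """
    stored = bytearray()
    tail = b"\r\n"          # CRLF that ended the DATA command line
    total, last, too_big = 0, 0.0, False
    for t, chunk in events:
        if t - last > idle_timeout:     # per-read timeout (the usual 5 minutes)
            return "dropped: idle timeout", total, len(stored)
        if t > overall_limit:           # overall real-time limit on the message
            return "dropped: overall receive time exceeded", total, len(stored)
        last = t
        total += len(chunk)
        if total > size_limit and not too_big:
            too_big = True
            stored.clear()              # from here on, data is thrown away
        if not too_big:
            stored += chunk
        window = tail + chunk           # catches a terminator split over chunks
        if TERMINATOR in window:
            # No SMTP reply is possible until end-of-data has been seen.
            verdict = "rejected: too big" if too_big else "accepted"
            return verdict, total, len(stored)
        tail = window[-4:]
    return "dropped: connection closed", total, len(stored)


def slow_drip(n, gap=240):
    """Constructed input: one byte every `gap` seconds, never idle for 5 minutes."""
    return ((gap * i, b"x") for i in range(1, n + 1))
```

With these values the one-byte-every-4-minutes sender passes the idle check on every read and is stopped only by the overall limit, after 15 bytes.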