Re: [Exim] About SMTP callback used as a DDOS

Author: Jeffrey Goldberg
Date:  
CC: exim-users
Subject: Re: [Exim] About SMTP callback used as a DDOS
On Sun, 22 Jul 2001, Marc MERLIN wrote:

> On Sun, Jul 22, 2001 at 10:24:10AM -0400, Dave C. wrote:
> > Er, that would only happen if the MTAs for all 10,000 users were doing
> > SMTP callback. The exploder wouldn't do a callback for each recipient,
>
> Yes. I know it's not a problem now, my thought was "what if everyone were
> doing like me?"


I think that that is a very good principle to operate on (but I'm a bit of
a Kantian).

> [...] you're forgetting that by default SMTP callback is on the header
> sender too.


Personally, I think that this illustrates a problem with certain classes
of spam fighting mechanisms. Basically, by doing things like call-backs,
we are merely forcing spammers to forge real instead of fake addresses.
And that behaviour is more damaging.

I don't want to bring this list into an old debate, but I'd recommend that
everyone ask themselves when they institute some spam prevention measure
to consider what the counter measures are and the consequences of those
counter measures.

Certainly, as Marc points out, call-backs should be against the envelope
only, or lists will pose particularly nasty consequences of what
spammers can do with call-backs.

> Exim should probably cache callbacks. Not necessarily to prevent DDOS, but
> to avoid bothering the remote systems for every Email they send (especially
> with my crude patch that also checks for postmaster every single time)


Interesting idea. While I think that that is tinkering with something
that is a fundamentally bad idea for most circumstances, it looks like a
very good tinkering.

-j


--
Jeffrey Goldberg
I have recently moved, see http://www.goldmark.org/jeff/contact.html
Relativism is the triumph of authority over truth, convention over justice
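
The callback caching suggested in the thread, sketched as an added example (not code from this message, from Marc's patch, or from Exim). The class, TTL values and the `probe` function are hypothetical; `probe` stands in for the real RCPT TO check, and only the envelope sender is verified.

```python
import time

class CalloutCache:
    """Cache SMTP callback results so a remote MX is probed at most once per TTL."""

    def __init__(self, probe, pos_ttl=86400, neg_ttl=7200, clock=time.monotonic):
        self.probe = probe        # probe(address) -> bool; hypothetical RCPT TO check
        self.pos_ttl = pos_ttl    # reuse an "accepted" answer this long (assumed value)
        self.neg_ttl = neg_ttl    # rejections expire sooner so repaired mailboxes recover
        self.clock = clock
        self.cache = {}           # address -> (accepted, expiry time)
        self.probes_sent = 0      # how many times the remote system was contacted

    def _lookup(self, address):
        local, domain = address.rsplit("@", 1)
        key = local + "@" + domain.lower()   # only the domain is case-insensitive
        now = self.clock()
        hit = self.cache.get(key)
        if hit and hit[1] > now:
            return hit[0]                    # fresh answer, no remote traffic
        self.probes_sent += 1
        accepted = bool(self.probe(key))
        ttl = self.pos_ttl if accepted else self.neg_ttl
        self.cache[key] = (accepted, now + ttl)
        return accepted

    def verify_envelope_sender(self, sender):
        """Check the domain's postmaster and the envelope sender, both cached."""
        if "@" not in sender:
            return False
        domain = sender.rsplit("@", 1)[1]
        # The postmaster result is keyed per domain, so all senders there share it.
        return self._lookup("postmaster@" + domain) and self._lookup(sender)

def demo():
    valid = {"postmaster@example.org", "alice@example.org"}  # constructed sample data
    now = [0.0]                                              # fake clock for the demo
    c = CalloutCache(lambda a: a in valid, clock=lambda: now[0])
    senders = ["alice@example.org"] * 3 + ["bob@example.org"] * 2
    results = [c.verify_envelope_sender(s) for s in senders]
    first_batch = c.probes_sent          # postmaster, alice and bob probed once each
    now[0] += 7201                       # past neg_ttl, still inside pos_ttl
    c.verify_envelope_sender("bob@example.org")   # only bob is probed again
    return results, first_batch, c.probes_sent

if __name__ == "__main__":
    print(demo())
```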