Re: [Exim] Re: exim-3.34 smtp_accept_reserve not working

Author: Philip Hazel
Date:  
To: John W Baxter
CC: exim-users
Subject: Re: [Exim] Re: exim-3.34 smtp_accept_reserve not working
On Fri, 22 Feb 2002, John W Baxter wrote:

> Having learned of this setting, I noted that our value was the default of
> 0. (The default smtp_accept_max (20) allows a small non-zero setting here
> as default.)
>
> It seems to me that is an opening for a DOS attack and therefore an
> unfortunate default (I've changed ours, hoping to stay out of the way of
> friendly MTAs but still protect).
>
> If this is still an issue for Exim 4, perhaps a change is in order?


The reason that the default is unset is that this is an expensive
operation. When a connection happens, Exim has to scan through its
entire list of current connections to see how many are from the current
host, in order to apply the limit. While it is doing this, it can't
accept other connections - this is done in the daemon loop so as to be
synchronous and not allow remote hosts to force lots of forks, which
would be another kind of DOS.

I don't think it's possible to lock out every possible DOS. I took a
decision that this particular setting should be something a sysadmin had
to know about. Besides, I couldn't think of a useful default value.

--
Philip Hazel            University of Cambridge Computing Service,
ph10@???      Cambridge, England. Phone: +44 1223 334714.
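
The accept-time check described in the message above, as an added example that is not part of the original message and is not Exim's source code: every new connection triggers a linear scan of the live-connection table inside the single accept loop, before any fork. The slot table, the function names, the use of 0 to model the unset limit, and the peer addresses are all assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define MAX_SLOTS 20  /* assumed table size, matching the smtp_accept_max default of 20 quoted above */

/* One entry per live SMTP connection (hypothetical layout, not Exim's). */
struct slot { int in_use; char host[46]; };
static struct slot slots[MAX_SLOTS];

/* The expensive step: walk the whole table to count connections from one host. */
int count_from_host(const char *host)
{
    int n = 0;
    for (int i = 0; i < MAX_SLOTS; i++)
        if (slots[i].in_use && strcmp(slots[i].host, host) == 0)
            n++;
    return n;
}

/* Runs in the accept loop, so no other connection is accepted meanwhile.
   per_host_limit == 0 models the unset limit: no scan, no per-host cap.
   Returns the slot index taken, or -1 when the connection is refused. */
int admit(const char *host, int per_host_limit)
{
    if (per_host_limit > 0 && count_from_host(host) >= per_host_limit)
        return -1;                       /* refused before any fork happens */
    for (int i = 0; i < MAX_SLOTS; i++) {
        if (!slots[i].in_use) {
            slots[i].in_use = 1;
            snprintf(slots[i].host, sizeof slots[i].host, "%s", host);
            return i;
        }
    }
    return -1;                           /* table full */
}

/* Called when a connection ends, freeing its slot. */
void release_slot(int i) { if (i >= 0 && i < MAX_SLOTS) slots[i].in_use = 0; }

int main(void)
{
    /* Constructed sample peers (documentation address ranges). */
    const char *peers[] = { "192.0.2.10", "192.0.2.10", "192.0.2.10", "198.51.100.7" };
    for (int i = 0; i < 4; i++)
        printf("%s -> %d\n", peers[i], admit(peers[i], 2));
    return 0;
}
```

With the limit at 0 the scan is skipped and a single host can occupy every slot; with a limit set, each accept pays for one full pass over the table.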