On Thu, 25 Jul 2002, Matthew Byng-Maddick wrote:
> On Thu, Jul 25, 2002 at 08:08:45AM +0100, Dr Andrew C Aitchison wrote:
> > On 24 Jul 2002, John Horne wrote:
> > > By default SpamAssassin lets through 'large' messages, which by default
> > > are those of 250KB in size.
> > Which idiot dared to put that rule in ?
> > When the spammers bother to work around that rule
> > we are all in real trouble.
>
> No, because your mail server automatically rejects oversize mail, doesn't
> it? If not, you probably deserve to lose anyway.
*I* can set both programs to agree on the maximum mail size,
but if the spammers send the large mail I have to receive that many bytes
before I can reject it.
I had hoped not to mention the "obvious" exploit which will gum up
the internet, but I fear that I wont be understood if I do not.
If spammers can find a message size that many systems allow but don't
spam check they will try to send messages of that size.
--
Dr. Andrew C. Aitchison Computer Officer, DPMMS, Cambridge
A.C.Aitchison@??? http://www.dpmms.cam.ac.uk/~werdna