erick.bullier@??? wrote:
> Hello,
>
> I was yesterday at a conference about linux security.
> One of the linux Security Consultant spook about the mail servers.
> Postfix is the best (for security reasons) for him.
> He say that there is possibility to block exim serveur (or to slow it down)
> for a single user by sending a lot of packet at the same time.
> The example was that postfix detect this and slow down the packet for this
> user and allow the packet the another to pass simultaneously...
> I believe that there is a specific directive in exim conf to fix that.
> In fact, how run this directive, and does it prevent really this type of
> situation...
> I would like to receive a good formated answer (i can send it to the office of
> this very famous french security consultant agency)...
Options you should look for
smtp_accept_max - limits maximum parallel smtp-connection
smtp_accept_max_per_host - limits smtp-connections per host
smtp_accept_max_per_connection - max number of of MAIL-commands per conn
smtp_accept_queue_per_connection - maximum number of delivery processes,
started for an incoming connection
smtp_rate_limit_* - limit the rate of incoming commands from specific
hosts
> I am little anxious, because my mail server run with exim (3.35) and supporte
> a lot of mail account....
> I tryed yesterday to defend Exim and its capabilitys, but it's very difficult
> without real security arguments...
This is not a flame, but I think to many ppl believe in postfix-marketing.
Contact your security-expert, and ask him about he wants to take down
exim, and most probably, you can say him "Just set this option...."
