Re: [Exim] Error log - TLS auth

Author: Philip Hazel
Date:  
To: Dean Brooks
CC: exim-users
Subject: Re: [Exim] Error log - TLS auth
On Mon, 6 Jan 2003, Dean Brooks wrote:

> Just an observation, but is it necessary for the non-mail command
> limit to be configured right on the exact minimum threshold of needed
> commands in a normal mail session?
> Rather, couldn't you just set it to something arbitrary, say 15?
Then it would probably be useless for the purpose for which it was
designed (see below).

> At least then it would catch any major abuse.
>
> Are non-mail commands being abused by spammers or DOSsers?
Yes. There is a security issue with some web servers whereby someone who
can access the web server can provoke it into sending data to the SMTP
port of a host to which it has access. The original caller may not have
access to that SMTP port. However, when this is done, the data starts
off with a smallish number of non-SMTP command lines. It was as a defence
against this that the check was introduced into Exim. (I don't think I'm
giving much away by posting this information; I think the exploit is
probably well-known now.)

--
Philip Hazel            University of Cambridge Computing Service,
ph10@???      Cambridge, England. Phone: +44 1223 334714.
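The check Philip describes, modelled as an added example (this is not Exim's own code, and the session transcripts below are constructed for illustration): a connection that reaches the SMTP port via a web server delivers its request line and headers before any real SMTP verb, so a tight limit on unknown commands drops it early, while a generous limit such as 15 lets the same session through.

```python
# Added example: simulate an SMTP listener that drops a session once
# too many lines that are not SMTP commands have arrived, the way
# Exim's smtp_max_unknown_commands check does (default limit 3).

SMTP_VERBS = {"HELO", "EHLO", "MAIL", "RCPT", "DATA", "RSET", "NOOP",
              "QUIT", "VRFY", "EXPN", "HELP", "STARTTLS", "AUTH"}


def session_verdict(lines, max_unknown=3):
    """Walk the client's command lines in order.

    Returns (verdict, unknown_count, index): verdict is "dropped" when the
    number of non-SMTP lines exceeds max_unknown (index is the offending
    line), otherwise "accepted" with index == len(lines).
    """
    unknown = 0
    for i, line in enumerate(lines):
        verb = line.split(" ", 1)[0].upper() if line.strip() else ""
        if verb in SMTP_VERBS:
            continue
        unknown += 1
        if unknown > max_unknown:
            return ("dropped", unknown, i)
    return ("accepted", unknown, len(lines))


# Constructed: an ordinary client session, plus one typo.
NORMAL_SESSION = ["EHLO client.example.test", "MAIL FROM:<a@example.test>",
                  "RCPT TO:<b@example.test>", "QUIT"]
TYPO_SESSION = ["EHLO client.example.test", "MAIK FROM:<a@example.test>",
                "MAIL FROM:<a@example.test>", "QUIT"]

# Constructed: what an SMTP server sees when a web server has been made to
# forward a request to it. The HTTP request line and headers arrive first;
# only after the blank line does anything resembling SMTP appear.
VIA_WEBSERVER_SESSION = ["POST /relay HTTP/1.0", "Host: mail.example.test",
                         "Content-Type: text/plain", "Content-Length: 120",
                         "", "HELO relay.example.test",
                         "MAIL FROM:<a@example.test>",
                         "RCPT TO:<b@example.test>", "QUIT"]


def compare_limits():
    """Show why the limit sits at the minimum a real session needs."""
    return {
        "normal@3": session_verdict(NORMAL_SESSION, 3)[0],
        "typo@3": session_verdict(TYPO_SESSION, 3)[0],
        "via_web@3": session_verdict(VIA_WEBSERVER_SESSION, 3)[0],
        "via_web@15": session_verdict(VIA_WEBSERVER_SESSION, 15)[0],
    }
```

With the limit at 3 the forwarded request is dropped at its fourth header line before the injected HELO is ever read; at 15 every line is accepted and the session proceeds.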