Re: [Exim] RSET resets $rcpt_fail_count?

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MGiuliano Gavazzi at <-
M 
Delete this message
Reply to this message
Author: Michael Haardt
Date:  
To: exim-users
Subject: Re: [Exim] RSET resets $rcpt_fail_count?
> the next step is: one new transaction for each recipient. The best
> technique would indeed be storing the attempts in a database and
> acting on that basis.

Most likely, but all i want is to protect the system from DoS attacks.

> I do not see why accept two unknown recipients, even one if one too
> many (except, as I said, in the case of <> sender), consider that you
> are not going to accept the email for that particular recipient
> anyway, so the fact that spammers can forge <> has not effect anyway.

Users mistype mail addresses sometimes, so it would cost me more
processes. I could probably live with that, but it also slows regular
mail down, because systems that send mails for the same host sequentially
would take longer to get their mail through. I hate it when mail takes
longer than at most some seconds. :)

Allowing two bad addresses rarely slows regular mail traffic down while
still protecting me from attacks so far. Things were fine until someone
discovered that RSET let them reset the counter. Well, not anymore.

Michael


This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-[Exim] RFC 1891 - ESMTP / DSN[Exim] Deferred delivery to user account with /dev/null as home dir->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)