Author: Chris Edwards Date: To: Fred Viles CC: exim-users Subject: Re: [Exim] Re: Bagle, unqualified HELO, time delays
On Wed, 3 Mar 2004, Fred Viles wrote:
| This raises an interesting point. RFC2821 says a 5 minute timeout is
| a SHOULD, not a MUST. It turns out that at least one legitimate MTA
| (Mercury/32) does not wait that long. With a 90 second delay
| introduced, it gave up trying to send.
I too am confused about sending and receiving here.
The above implies a mercury sending client wouldn't wait for your (exim?)
server imposing a 90s delay.
| I've just had an interesting conversation with Mercury/32's author,
| David Harris, about the wisdom of following the RFC timeout
| recommendations. He pointed out that waiting five minutes for
| commands from a sender exposes a receiving MTA to a trivial DDoS
| attack, with no practical benefit.
But this implies a mercury server won't be willing to wait for its
clients.
How long does DH think a server _should_ wait, if it wishes to avoid
"trivial DDoS" ?
FWIW we still have a couple of mercury installations haunting the campus.
But we don't let them anywhere _near_ the internet, otherwise they'd be
er...trivially DDoS'd!
--
Chris Edwards, Glasgow University Computing Service