[exim] DoS attack with nested MIME levels

Etusivu
Poista viesti
Vastaa
Lähettäjä: Michael Haardt
Päiväys:  
Vastaanottaja: exim-users
Aihe: [exim] DoS attack with nested MIME levels
Hello,

out of the blue, I am getting a bunch of mails with a very deep MIME
nesting and an "email-info.scr" file inside. Our mailer rejects them,
but it takes forever and a day to scan it. The whole thing looks like
a mail loop, because the sending MTA encapsulates the message together
with the 550 error message from our MTA into a new mail and tries again
(that's why the nesting gets so deep). Were this a single host, I'd
block it. But I see that from hosts all over the world.

Any idea what that crap is?

Michael