Lähettäjä: Michael Haardt Päiväys: Vastaanottaja: exim-users Aihe: [exim] DoS attack with nested MIME levels
Hello,
out of the blue, I am getting a bunch of mails with a very deep MIME
nesting and an "email-info.scr" file inside. Our mailer rejects them,
but it takes forever and a day to scan it. The whole thing looks like
a mail loop, because the sending MTA encapsulates the message together
with the 550 error message from our MTA into a new mail and tries again
(that's why the nesting gets so deep). Were this a single host, I'd
block it. But I see that from hosts all over the world.