Re: [exim] DoS attack with nested MIME levels

Top Page
Delete this message
Reply to this message
Author: Jerry Nicholls
Date:  
To: Michael Haardt
CC: exim-users
Subject: Re: [exim] DoS attack with nested MIME levels
On Thu, 2005-07-14 at 12:57 +0200, Michael Haardt wrote:

> Tom, if you read this: How about something like mime_nesting_depth and
> mime_total_count? I am sure many people want to limit both using ACLs,
> once the crap above hits them.


Yeah, I asked about this some weeks back. I don't mind how many
attachments are with an email, which your ACL snippet simply counts (if
I've got that right ?). What I mind about is the depth, since this
causes both ClamAV and SA serious woes when you get some misconfigured
mail server nesting bounce messages over and over.

<wishlist coder="Tom">

For the Mime ACL could we have something like $mime_nesting_depth ? Then
it'd be a doddle to block stupidly deep attachments :-) It of course
might affect chain letters, but who's worrying there ? ;-)

</wishlist>

Jerry.
-- 
Jerry Nicholls                       E: Jerry.Nicholls@???
Core & Network Operations Manager    W:            http://www.zen.co.uk/
Zen Internet Ltd.                    T:                    0845 058 9000
                                     F:                    0845 058 9005