On 14 Jul 2005 at 12:57, Michael Haardt wrote about
"Re: [exim] DoS attack with nested M":
|...
| Tom, if you read this: How about something like mime_nesting_depth and
| mime_total_count? I am sure many people want to limit both using ACLs,
| once the crap above hits them.
That would be handy. FWIW, you can test $mime_content_type to count
message/rfc822 parts in an ACL variable. I can't see a way to
differentiate nested from successive parts (other than possibly at
the top level via $mime_is_rfc822), but rejecting after exceeding
some reasonable limit on the total count of message/rfc822 parts
would probably be effective.
- Fred
