Hello,
Graeme Fowler wrote:
> However, arbitrary usage of sender callouts against all inbound mail is
> inadvisable as it is very easy to create a DoS condition against a
> remote site. The best example is as follows:
-snip-
That's why exim uses caching per default, which makes _DoS rather
impossible (vs. DDoS, which is still possible of course).
Anyway, given the varying lag in the planet-wide distribution of email,
it is rather unlikely that all callbacks come in within a sufficiently
small timeframe (in order to cause a DoS).
I don't particularly like or dislike callbacks, but I'm forced to make
use of them, and I'm happy with the way they're implemented in exim. In
fact, we've given end-users the means to disable them for their account
(only) - which shifts the legal implications from us to them.
Cheers,
vt
--
Volker T. Mueller
Continum AG
Bismarckallee 7d
79098 Freiburg i. Br.
Tel. +49 761 21711171
Fax. +49 761 21711198
http://www.continum.net
Sitz der Gesellschaft: Freiburg im Breisgau
Registergericht: Amtsgericht Freiburg, HRB 6866
Vorstand: Rolf Mathis, Volker T. Mueller
Vorsitzender d. Aufsichtsrats: Prof. Dr. Karl-F. Fischbach
