Email ???
Les Mikesell
lesmikesell at gmail.com
Tue May 1 14:35:13 UTC 2007
Steve Friedman wrote:
>> How does it work? If it pauses the current connection with that server,
>> independently of any other system trying to send you mail, then only one
>> thing at a time gets delayed, so it shouldn't be a DOS. But if sendmail
>> pauses completely while one thing talks to it, and won't do anything
>> else until that task is completed, yes, I see potential problems.
>>
>
> It's a DoS because the system can have only a finite number of sockets
> open (this is both a kernel limit and a postfix tuning parameter limit),
> and greet pause ties them up doing nothing for a period of time. Recall
> that postfix is written to support many operating systems and not all
> OSs (especially the older ones, e.g., linux 2.4) support epoll (enabling
> greater than 1024 elements in the select()). Consequently, on an active
> server, legitimate connections will be denied because of a lack of an
> available socket and thus you've denied service to a legit user.
Good luck at explaining that to rabid anti-spam fanatics who don't care
how much damage they cause others in their quest to avoid having to hit
the delete key.
--
Les Mikesell
lesmikesell at gmail.com
More information about the fedora-list
mailing list