For those of us that feel strongly that email should be a rel iable transport medium.
Kevin Miller
Kevin_Miller at CI.JUNEAU.AK.US
Tue Feb 10 22:49:24 GMT 2004
>That will mean the bounce header name will have to be fixed and
>non-configurable. Which may be a good thing anyway. Slightly
>worried that it opens up an attack route though. Someone could
> pile in mail containing the bounce header, and you would quietly
>delete it. So someone could DoS your mail servers without you
>being able to work out why. Not sure I want to do that.
>Thoughts?
Kind of a Pandora's box here isn't it. Initial things that come to mind is
a counter added that either writes it's own log, or sticks it in the usual
spot then add some parsing to check_mailscanner.pl (or whatever it's called
- too lazy to look) and do a count at start/restart. If over, say, 100,
then maybe it's a DoS and a notice sent to postmaster? It would have to be
reset to 0 by check_mailscanner.pl if under the trigger level so we don't
accumulate hits over time.
Probably something Kevin Spicer could add to mailscanner-mrtg pretty easily
if he was so inclined as well. A quick graphical interface is always jiffy.
I'm probably just being thick, but I'm not sure if it's worth all the
effort. I suspect that the majority of bounces I get aren't from sites
running MailScanner, so most likely I'll rarely, if ever, see one of those
headers. Since I don't bounce spam I'd never send one.
Realistically, between doing a forward of spam to a holding account, and the
use of whitelists I don't see why mail should be missed. Critical accounts
would waltz in un-spammified and non-critical account messages would be
easily retrieved by the users. But that's just me.
I guess my vote would be to just leave the bounce option in place w/some
really strong comments preceeding on why it's a Really Bad Thing to enable
it. Just my .02 worth...
...Kevin
--
Kevin Miller Registered Linux User No: 307357
CBJ MIS Dept. Network Systems Administrator, Mail
Administrator
155 South Seward Street ph: (907) 586-0242
Juneau, Alaska 99801 fax: (907 586-4500
More information about the MailScanner
mailing list