Re: SLMail 2.6 DoS - Imail also

[mark.symons () za eds com (Mark Symons)]

There have recently been a couple of messages concerning DoS attacks on
NT-based SLMail and IMail SMTP servers.  At the end of January, a
similar report was made concerning IMail's POP3 server.

Jon[SMTP:steven () EFNI COM] wrote:

>  A long string of text after a command makes
> the program (SLMail) crash.

(Snip)

>  It will stay unresponsive until manually restarted.

(Snip)

>  Out of boredom, I tried another smtp daemon for Windows,
> IMail (I tried 4.03) by IPSwitch (www.ipswitch.com). Which
> crashed the same way. Pretty strange, I've only tried two
> windowsNT smtp daemons, and both crashed the same way...

I cannot comment on SLMail, but John Junod (author of IMail) says the
following:

# That "bug" by the way, doesn't cause IMail any problems.
# It only causes the "hacker" a problem since IMail won't
# release the connection and won't accept any more input
# from them until they drop the connection and reconnect.
# It does not affect any other sessions to the SMTP server.
# The session does drop cleanly freeing all resources as
# designed either when the "hacker" breaks the connection
# or when the timeout occurs, whichever occurs first.


Mark Symons
EDS Africa
mark.symons () za eds com