Bugtraq mailing list archives
Re: Anonymous Qmail Denial of Service
From: ant () NOTATLA DEMON CO UK (Antonomasia)
Date: Thu, 7 Jan 1999 21:43:34 GMT
Dan Bernstein writes on BUGTRAQ:
There are lots of interesting remote denial-of-service attacks on any mail system. A long-term solution is to insist on prepayment for unauthorized resource use. The tricky technical problem is to make the prepayment enforcement mechanism cheaper than the expected cost of the attacks.
Hashcash addresses this tricky technical problem. http://www.dcs.ex.ac.uk/~aba/hashcash http://www.notatla.demon.co.uk/SOFTWARE/software.html Hashcash was envisaged as an aid to spam filtering, but I have put hooks for it in the program described below to limit anonymous DoS attacks.
On the bright side, mailers are _not_ permitted to discard messages for frivolous reasons such as full disks. They have to report the problem to the sender, so that the sender can keep the message and try again later.
Angel, my (non-SMTP) MTA with crypto, relies on positive confirmation that a message _was_ delivered correctly. Retries are carried out at intervals until the maximum number of retries is reached. (Note: number of tries, not timeout. It makes a difference on machines that are sometimes switched off.) When the retry limit is reached a new delivery mechanism can be tried instead (as defined in a config file), or the message can be silently dropped. This approach is adopted because the MTA is mainly intended for anonymous mail so bounces to sender are impossible. There are no set[ug]id programs involved. One (or more) writable directories are used for posting outgoing mail because local attacks are out of the intended scope. At additional processing cost you could have a different posting directory per user. Um, almost forgot - contains cryptographic code by Eric Young and Tim Hudson. -- ############################################################## # Antonomasia ant () notatla demon co uk # # See http://www.notatla.demon.co.uk/ # ##############################################################
Current thread:
- Re: setuid vs. setgid (was Re: Anonymous Qmail Denial of Service), (continued)
- Re: setuid vs. setgid (was Re: Anonymous Qmail Denial of Service) Mark Crosbie (Jan 09)
- Re: setuid vs. setgid (was Re: Anonymous Qmail Denial of Service) Pete Kruckenberg (Jan 09)
- Re: setuid vs. setgid (was Re: Anonymous Qmail Denial of Service) Thamer Al-Herbish (Jan 09)
- Re: setuid vs. setgid (was Re: Anonymous Qmail Denial of Service) Len Budney (Jan 08)
- Re: setuid vs. setgid (was Re: Anonymous Qmail Denial of Service) Thamer Al-Herbish (Jan 08)
- Re: setuid vs. setgid (was Re: Anonymous Qmail Denial of Service) Kragen Sitaker (Jan 09)
- really silly ff.core exploit for Solaris John McDonald (Jan 07)
- ff.core exploit on Solaris (2.)7 Daniel J. Frasnelli (Jan 08)
- Re: ff.core exploit on Solaris (2.)7 Casper Dik (Jan 15)
- L0pht tmp tool and (mini) Advisory Dr. Mudge (Jan 08)
- ff.core exploit on Solaris (2.)7 Daniel J. Frasnelli (Jan 08)
- Re: Anonymous Qmail Denial of Service Antonomasia (Jan 07)
- Re: Anonymous Qmail Denial of Service D. J. Bernstein (Jan 09)
- Re: Anonymous Qmail Denial of Service Wietse Venema (Jan 10)
- Keeping Solaris up-to-date John RIddoch (Jan 11)
- Keeping any up-to-date? Randolf-Heiko Skerka (Jan 13)
- Re: Keeping any up-to-date? Ciaran Deignan (Jan 15)
- Re: Keeping any up-to-date? Peter May (Jan 15)
- Administrivia Aleph One (Jan 12)
- Tracing by uid u after root does setuid(u) D. J. Bernstein (Jan 12)
- Re: Tracing by uid u after root does setuid(u) Wietse Venema (Jan 13)
- Re: Tracing by uid u after root does setuid(u) Casper Dik (Jan 13)