Re: SMTP server account probing

[Valdis.Kletnieks () VT EDU (Valdis.Kletnieks () VT EDU)]

--==_Exmh_-10015426P
Content-Type: text/plain; charset=us-ascii

On Tue, 09 Mar 1999 09:36:04 PST, you said:
> Perhaps someone with better sendmail experience could come up with an idea
> to automatically disconnect connections that are issuing more than 25 VRFY
> statements at a time?

Wrong solution.  They'll just reconnect and try another 25.  All you've bought
then is an extra fork() of the sendmail daemon every 25 pokes.  Remember,
these people don't give a s**t if they waste your resources...

Maybe what's needed is a new ioctl on a socket, so you can do this:

    if (vrfy_cnt > 25) {
        ioctl(net_socket,SO_NOSENDFIN);
        clkose(net_socket);
    }

so you can free up the socket at YOUR end, and intentionally fail to
send the FIN packet, so the OTHER end gets to wait for a timeout.

Yes, yes, yes, I *KNOW* it's Evil and Against The RFCs.  But it's tempting. ;)

--
                                Valdis Kletnieks
                                Computer Systems Senior Engineer
                                Virginia Tech


--==_Exmh_-10015426P
Content-Type: application/pgp-signature

-----BEGIN PGP MESSAGE-----
Version: 2.6.2

iQCVAwUBNuWNz9QBOOoptg9JAQGKugQAvrh/JXICvFpWsu5oGH9RH0JXx9SheZJL
PbzBVg2OPouPHvqG3UU012nJj8489OJ79a4kLpFDGYERjScrNqxnU5QdMqlr+GXV
SFNRGV/AqigZEFkf1/GEvnluTDX1KdaXb98pAKE9Ni664F4NyhQaYNcbY4JBJT6T
m7m9DJmYjdI=
=MPrZ
-----END PGP MESSAGE-----

--==_Exmh_-10015426P--