Re: WebShield SMTP infinite loop DoS Attack

["Gaspar, Carson" <carson () tla org>]

> > > > > "Ash" == Ash Hamid <ash_hamid () NAI COM> writes:

Ash> 1) WebShield and Mail server are on the same box

Not uncommon.

Ash> 2) The "Direct Send" option has been enabled In the
Ash> WebShield Configuration Screen "Delivery" - "Mail
Ash> Send" Section of the product.

Not uncommon.

Ash> 3) DNS has been enabled with a MX record resolving
Ash> both "mydomain.com" & "mydomain.com." (trailing
Ash> period)

For those folks who think the above makes any sense, here's a brief primer
on DNS. "foo.com" is just an abbreviation for "foo.com.", as "." is the top
level domain. If an MX record exists for "mydomain.com", an MX record exists
for "mydomain.com.". Always. The above nonsense should be ignored.

Perhaps we could have someone at NAI who actually understands how DNS works
respond?

Ash> As the work around allows mail to be delivered as
Ash> expected, no hotfix has been scheduled for this issue.

<sigh> And I thought NAI had gotten better...

--
Carson Gaspar -- carson () tla org
Queen Trapped in a Butch Body