ietf-asrg
[Top] [All Lists]

[Asrg] Race conditions at end of DATA

2003-03-07 13:32:23
From: list-ietf-antispam(_at_)faerber(_dot_)muc(_dot_)de 
(=?ISO-8859-1?Q?Claus_F=E4rber?=)

David F. Skoll <dfs(_at_)roaringpenguin(_dot_)com> schrieb/wrote:
The scanning is done at the end of the DATA phase while the sender is
waiting for the final acknowledgement.  The recommended timeout here
according to RFC 2821 is 10 minutes, so adding under a second of
content-scanning shouldn't be a problem.

The problem is that this phase is the one vulnerable to race conditions:

This is true.

If the connection breaks between accepting the message and getting the
response through to the sender, a dupe will be created. So it's
desireable to keep that period of time as short as possible.

Right.  But the race condition is there whether you do scanning or not.
It's an inherent limitation of the protocol.

We have about 40 deployments of our commercial scanning solution, and
probably thousands of the GPL'd version, and I haven't heard of anyone
getting a dupe because of this race condition.  To cause a problem,
the scanner would have to take an unreasonably long time, and the
sending relay would have to have an unreasonably short timeout.

--
David.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg



<Prev in Thread] Current Thread [Next in Thread>
  • [Asrg] Race conditions at end of DATA, David F. Skoll <=