I think the point is that the attack may result from a mis-configured MTA that
loops on the 'spam' or soem other anomaly, I don't think it would take a
malicious user to do it, I will look again (because I like the idea of call
back).
-e
On Saturday, March 29, 2003 7:41 PM, mathew [SMTP:meta(_at_)pobox(_dot_)com]
wrote:
On Friday, Mar 28, 2003, at 10:39 US/Eastern, David F. Skoll wrote:
1 - NastySpammer sends millions of connections from thousands of 0wned
hosts, and suddenly poor victim gets a DDoS from all the callbacks
from hosts attempting to receive the purported mail.
That's really no different from the same person having the 0wned hosts
directly DDoS the victim, or having the 0wned hosts send out ping
packets with the victim's IP address. Already illegal most places, and
the spammer already has the capability, so the proposal isn't making
anything worse.
I think that objecting to a proposal because it allows bad guys to
mount an attack they can already mount is a bit nit-picky.
mathew
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg