On Sun, 19 Nov 2006, Markus Stumpf wrote:
> while I agree that there is some potential for an attack I don't see
> it as a really big problem.
I agree.
> 4) It is easy for the MTA to check for the length of the EHLO argument
> and ensure that it fits in one UDP packet
The SMTP server should not try to resolve the EHLO/HELO argument.
There is nothing to learn from resolving this argument. It just adds
to the DNS load, and it increases the time to handle a single message.
This then reduces the rate at which the mail server can process
messages, and increases the resources consumed by the email server.
(gun-foot-fire-aim)
--
Av8 Internet Prepared to pay a premium for better service?
www.av8.net faster, more reliable, better service
617 344 9000