[Top] [All Lists]

Re: DoS attacks (was Re: SMTP Transferred-By-Reference)

2007-11-16 15:50:25

At 12:01 am -0500 16/11/2007, Valdis(_dot_)Kletnieks(_at_)vt(_dot_)edu wrote:
On Fri, 16 Nov 2007 14:46:29 +1300, Glenn Anderson said:

 I don't believe it to be a simple problem for the spammers and bot
 architects to solve. Not only do they need to start keeping track of
 state, they need to keep track of a lot of state (the volume of
 messages they are trying to send is huge), which requires a lot more
 resources, and they need to manage CPU and network resources such
 that they are available for them to retry later.

Oh, hogwash.

Years ago (1995 timeframe), I was able to do a million RCPT TO's/day from a
listserv machine, using Sendmail on an IBM RS6000-250.  Little pizza box, 256M
of memory, a whole whopping 66mz 601E processor.

I don't follow. Your saying that because you could send a million RCPT TOs on a 66MHz 601 back in 1995, the extra overhead of having to track state information won't negatively impact the rate at which bots can attempt to send spam?

If spammers can't write code
tight enough to do so un-noticed on today's consumer boxes, there's something
*seriously* wrong.

I don't see how that makes any difference, unless you have some reason to believe that current bots that don't track state are very inefficient, or aren't utilizing as much CPU and network bandwidth as they could be.