John R Levine wrote:
No, I meant where the data in a single DATA connection never stops,
since that is the alleged problem that this argument is about.
If, as I suspect, it has never happened in the entire history of the
Internet, why in the world is anyone wasting time worrying about it?
The scenario you describe is rare enough and has little enough impact
that you could deal with it by hand.
I guess the thing is that it COULD be used as a DoS attack - quite
easily. However, it doesn't seem to be, because there are lots of other
ways of doing a DoS attack - and those are possibly better. A 'lasting
forever' connection is more likely to be spotted by someone than lots of
smaller connections, so I would suspect that botnet operators would
prefer the latter to the former.
A rotating set of 10,000 bots at a time flooding your server with small
messages is less likely to be spotted or stoppable than a fixed set of
10,000 bots trying to send infinitely long messages. If nothing else,
the latter will almost definitely NOT fill up the server's disk (most
servers will start discarding data after it gets over a certain amount),
whereas the former could well do so.
--
Paul Smith
VPOP3 - POP3/SMTP/IMAP4/Webmail Email server for Windows