Hi !!
Is this cookie validation occuring during the incoming SMTP connection
(before DATA)? Could this open a DoS hole or lead to possible deadlocks?
This is done at smtp time, in usal cases it only will need just one dns
lookup. In the case of email forwarding it will need to contact the original
server and stablish a smtp connection with it (like the callout verification
done by Exim)
Or should intermediate MTA's receive the entire message into a sequestered
queue for cookie validation before passing them along?
they could also behave this way, but it's better to do it at smtp time as
this is the better time to reject the message.
--
Best regards ...
Discoveries are made by not following instructions.
----------------------------------------------------------------
David Saez Padros http://www.ols.es
On-Line Services 2000 S.L. e-mail david(_at_)ols(_dot_)es
Pintor Vayreda 1 telf +34 902 50 29 75
08184 Palau-Solita i Plegamans movil +34 670 35 27 53
----------------------------------------------------------------
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡