Re: RCPT TO: rejecting

On May 26, 2004, at 3:36 PM, Seth Goodman wrote:

I didn't ask if anyone ever did a CBV on your site, I asked if youknow ofany instances where CBV's were used as a DDoS mechanism. If you knowofany, please say so. Since at least two large providers have thenecessary"attack engines" in place for quite some time, why hasn't this beenused
this to propagate an attack?

No. My description of a DDoS involved several thousand independententities running CBV. "two large providers" isn't sufficient toperform a DDoS.My whole argument is that it shouldn't be deployed because it can. ButI'll take the liberty of dropping a 'D'. We have one managed clientthat has been DoSed by Verizon's CBV. And another that has been DoSedquite regularly by AOL's DSNs.

AOL sees the errors in their bounce architecture. They are correctingit. Why? It is exploits innocent victims. Verizon's use of CBVdoesn't make it okay. They are wrong.

It's an open internet and no one has to answer any connection requestifthey don't care to. On the other hand, if I were a large provider, Icouldsay that I require all senders to answer a CBV if they want me toaccepttheir mail. Some CBV's will go to third parties that did notoriginate themessages, that is true. If those parties object, they can refuse toanswerCBV's from my service. The reason that this hasn't happened, at leastin
any significant way, is that the only salient objections to this _are_
philosophical, not practical, and we are dealing with a huge practical
problem. If you really object to CBV's, I encourage you not to issueany
and to not accept any.

They can't refuse CBV's without refusing real mail. Not acceptingCBV's is quite challenging as they are "disguised" as normal SMTPtransaction initiations. If it were possible to not allow CBVs in astraight forward way, the problem wouldn't be what it is.

You misrepresent what I am saying. I am arguing that it is a uselessDDoSmechanism because it is trivial to terminate by refusing any MAILFROM:<>connection request. Terminating those connections does take someresources,
but it's not crippling.

Terminating those connections is quite expensive and on a large scalecan cripple a system. And rejecting MAIL FROM:<> is not RFC compliant.I shouldn't have to break the RFC to protect myself from CBV attacks.



// Theo Schlossnagle
// Principal Engineer -- http://www.omniti.com/~jesus/
// OmniTI Computer Consulting, Inc. -- http://www.omniti.com/
// Ecelerity: fastest MTA on Earth

<Prev in Thread]	Current Thread	[Next in Thread>
SV: RCPT TO: rejecting, Lars Dybdahl RE: RCPT TO: rejecting, Seth Goodman Re: RCPT TO: rejecting, Theo Schlossnagle RE: RCPT TO: rejecting, Seth Goodman RE: RCPT TO: rejecting, George Mitchell Re: RCPT TO: rejecting, Theo Schlossnagle RE: RCPT TO: rejecting, Seth Goodman Re: RCPT TO: rejecting, Theo Schlossnagle <= RE: RCPT TO: rejecting, Seth Goodman Re: RCPT TO: rejecting, Theo Schlossnagle RE: RCPT TO: rejecting, Seth Goodman Re: RCPT TO: rejecting, Theo Schlossnagle domainkeys, Chris Drake Re: RCPT TO: rejecting, Mark RE: RCPT TO: rejecting, Seth Goodman Re: RCPT TO: rejecting, Lou Katz RE: RCPT TO: rejecting, Seth Goodman Re[2]: RCPT TO: rejecting, Chris Drake