Modern SMTP systems already handle this. Whether a server supported
pipelining or not, the closest thing to a DoS attack would be a bulk
spammer who ignores all responses codes.
How the handles spammers who blast streams of input data with total
disregard to response codes is the important thing here.
How does this relate to SPF?
Sincerely,
Hector Santos, CTO
Santronics Software, Inc.
http://www.santronics.com
http://www.winserver.com/wcsap (Wildcat! Sender Authentication Protocol)
http://www.winserver.com/spamstats (WcSAP Anti-Spam Stats)
----- Original Message -----
From: "Scott Kitterman" <spf2(_at_)kitterman(_dot_)com>
Newsgroups: spf.-.sender.policy.framework.discussion
To: <spf-discuss(_at_)v2(_dot_)listbox(_dot_)com>
Sent: Friday, April 08, 2005 10:57 AM
Subject: [spf-discuss] SMTP Pipelining
Some of you may recall the recent discussion on DNS loading ;)
At one point in the discussion, there was some disagreement over whether
multiple SMTP commands could be sent in a single packet. IIRC, based on
testing, it appeared that some MTAs supported this and some didn't.
I recently ran across RFC 2920, SMTP Service Extension for Command
Pipelining, which clears it up for me:
http://www.ietf.org/rfc/rfc2920.txt
It seems to me that the risk of DNS overload due to a DoS attack, as
described in the previous thread, might be significantly greater for SMTP
servers that have pipelining enabled.
Perhaps a note to this effect might be in order in the -01 draft?
Any thoughts?
Scott Kitterman
-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Read the whitepaper! http://spf.pobox.com/whitepaper.pdf
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com