[8998] in bugtraq

home help back first fref pref prev next nref lref last post

Re: Anonymous Qmail Denial of Service

daemon@ATHENA.MIT.EDU (Antonomasia)
Fri Jan 8 18:09:56 1999

Date: 	Thu, 7 Jan 1999 21:43:34 GMT
Reply-To: Antonomasia <ant@NOTATLA.DEMON.CO.UK>
From: Antonomasia <ant@NOTATLA.DEMON.CO.UK>
To: BUGTRAQ@NETSPACE.ORG

Dan Bernstein writes on BUGTRAQ:

>    There are lots of interesting remote denial-of-service attacks on any
>    mail system. A long-term solution is to insist on prepayment for
>    unauthorized resource use. The tricky technical problem is to make
>    the prepayment enforcement mechanism cheaper than the expected cost
>    of the attacks.

    Hashcash addresses this tricky technical problem.

    http://www.dcs.ex.ac.uk/~aba/hashcash
    http://www.notatla.demon.co.uk/SOFTWARE/software.html

    Hashcash was envisaged as an aid to spam filtering, but I have
    put hooks for it in the program described below to limit
    anonymous DoS attacks.

> On the bright side, mailers are _not_ permitted to discard messages for
> frivolous reasons such as full disks. They have to report the problem to
> the sender, so that the sender can keep the message and try again later.


Angel, my (non-SMTP) MTA with crypto, relies on positive confirmation that
a message _was_ delivered correctly.

Retries are carried out at intervals until the maximum number of retries
is reached. (Note: number of tries, not timeout.  It makes a difference
on machines that are sometimes switched off.)

When the retry limit is reached a new delivery mechanism can be tried
instead (as defined in a config file), or the message can be silently
dropped.  This approach is adopted because the MTA is mainly intended for
anonymous mail so bounces to sender are impossible.

There are no set[ug]id programs involved.  One (or more) writable directories
are used for posting outgoing mail because local attacks are out of the
intended scope.   At additional processing cost you could have a different
posting directory per user.

 Um, almost forgot - contains cryptographic code by Eric Young and Tim Hudson.

--
##############################################################
# Antonomasia   ant@notatla.demon.co.uk                      #
# See http://www.notatla.demon.co.uk/                        #
##############################################################
home help back first fref pref prev next nref lref last post