[9861] in bugtraq
Re: SMTP server account probing
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@VT.EDU)
Tue Mar 9 17:47:48 1999
Date: Tue, 9 Mar 1999 16:08:32 -0500
Reply-To: Valdis.Kletnieks@VT.EDU
From: Valdis.Kletnieks@VT.EDU
X-To: "John E. Martin" <jem@LAINET.COM>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: Your message of "Tue, 09 Mar 1999 09:36:04 PST."
<199903091732.JAA15133@mailhost.lainet.com>
--==_Exmh_-10015426P
Content-Type: text/plain; charset=us-ascii
On Tue, 09 Mar 1999 09:36:04 PST, you said:
> Perhaps someone with better sendmail experience could come up with an idea
> to automatically disconnect connections that are issuing more than 25 VRFY
> statements at a time?
Wrong solution. They'll just reconnect and try another 25. All you've bought
then is an extra fork() of the sendmail daemon every 25 pokes. Remember,
these people don't give a s**t if they waste your resources...
Maybe what's needed is a new ioctl on a socket, so you can do this:
if (vrfy_cnt > 25) {
ioctl(net_socket,SO_NOSENDFIN);
clkose(net_socket);
}
so you can free up the socket at YOUR end, and intentionally fail to
send the FIN packet, so the OTHER end gets to wait for a timeout.
Yes, yes, yes, I *KNOW* it's Evil and Against The RFCs. But it's tempting. ;)
--
Valdis Kletnieks
Computer Systems Senior Engineer
Virginia Tech
--==_Exmh_-10015426P
Content-Type: application/pgp-signature
-----BEGIN PGP MESSAGE-----
Version: 2.6.2
iQCVAwUBNuWNz9QBOOoptg9JAQGKugQAvrh/JXICvFpWsu5oGH9RH0JXx9SheZJL
PbzBVg2OPouPHvqG3UU012nJj8489OJ79a4kLpFDGYERjScrNqxnU5QdMqlr+GXV
SFNRGV/AqigZEFkf1/GEvnluTDX1KdaXb98pAKE9Ni664F4NyhQaYNcbY4JBJT6T
m7m9DJmYjdI=
=MPrZ
-----END PGP MESSAGE-----
--==_Exmh_-10015426P--
