[16654] in bugtraq
Re: WebShield SMTP infinite loop DoS Attack
daemon@ATHENA.MIT.EDU (Gaspar, Carson)
Thu Sep 7 23:16:21 2000
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID: <14776.10150.236136.680449@taltos.tla.org>
Date: Thu, 7 Sep 2000 19:41:26 -0400
Reply-To: carson@tla.org
From: "Gaspar, Carson" <carson@tla.org>
X-To: Ash Hamid <ash_hamid@NAI.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <20000907163419.9153.qmail@securityfocus.com>
>>>>> "Ash" == Ash Hamid <ash_hamid@NAI.COM> writes:
Ash> 1) WebShield and Mail server are on the same box
Not uncommon.
Ash> 2) The "Direct Send" option has been enabled In the
Ash> WebShield Configuration Screen "Delivery" - "Mail
Ash> Send" Section of the product.
Not uncommon.
Ash> 3) DNS has been enabled with a MX record resolving
Ash> both "mydomain.com" & "mydomain.com." (trailing
Ash> period)
For those folks who think the above makes any sense, here's a brief primer
on DNS. "foo.com" is just an abbreviation for "foo.com.", as "." is the top
level domain. If an MX record exists for "mydomain.com", an MX record exists
for "mydomain.com.". Always. The above nonsense should be ignored.
Perhaps we could have someone at NAI who actually understands how DNS works
respond?
Ash> As the work around allows mail to be delivered as
Ash> expected, no hotfix has been scheduled for this issue.
<sigh> And I thought NAI had gotten better...
--
Carson Gaspar -- carson@tla.org
Queen Trapped in a Butch Body
