Posted to users@spamassassin.apache.org by Matt <qm...@chilitech.com> on 2004/08/20 14:21:32 UTC

Question on the DoS

Hi,
Does anyone have more information on the DoS that apparently is
available in version 2.64 <?
I ask because I'm curious to know more about it and just how serious of
a problem it is.   
Does it simply cause perl to stop?  Does it cause the spamd to break? 
If spamd is running via a daemon, will it restart? etc
-- 
Matt <qm...@chilitech.com>


Re: Question on the DoS

Posted by Matt Kettler <mk...@evi-inc.com>.
At 08:21 AM 8/20/2004, Matt wrote:
>Hi,
>Does anyone have more information on the DoS that apparently is
>available in version 2.64 <?
>I ask because I'm curious to know more about it and just how serious of
>a problem it is.
>Does it simply cause perl to stop?  Does it cause the spamd to break?


Note: I'm not a SA programmer, I don't play one on TV. I'm speaking from an 
uneducated standpoint based on casual code inspection.

I think it's pretty obvious not a lot of detail about the DoS is available 
on purpose, to give people a chance to upgrade before the spammers figure 
out how to abuse it and start killing mailservers.

Based on some 2.63 vs 2.64 diffs, results of the exploit would likely be a 
heavily choked server. Not critical, but enough to grind your mail 
processing to a complete halt until you cleared up the problem by hand.