[Mimedefang] OT: New Attack/Poor SPAMming programming?

Ben Kamen bkamen at benjammin.net
Thu Jan 11 15:45:48 EST 2007


David F. Skoll wrote:
> 
> Yep.
> 
> I've set this in sendmail.mc:
> 
> define(`confTO_COMMAND',`40s')
> 
> and haven't noticed any ill effects.  It is a DoS waiting to happen,
> because the default Timeout.command is 1 hour!  If you want to kill
> someone's machine, just open up lots of connections to port 25 and sit
> doing nothing.  If you have control of many zombie machines, you can
> fill up the victim's process table in a trice while consuming almost
> no resources on your botnet.

Hahah, I just finished setting that (I used '1m') ...

Thanks for the advice... And thanks for putting up with a post like 
that here. The sendmail list is usually clogged with much more neophyte admins
asking how to get sendmail running...

 -Ben

-- 
Ben Kamen
=============================================================================
Email: bkamen AT benjammin DOT net              Web: http://www.benjammin.net

Remember that whatever misfortune may be your lot, it could only be
worse in Cleveland.
		-- National Lampoon, "Deteriorada"



More information about the MIMEDefang mailing list