atom feed16 messages in net.sourceforge.lists.courier-usersRe: [courier-users] Re: courier tmp d...
FromSent OnAttachments
Jan MachAug 10, 2000 2:42 am 
Jan MachAug 10, 2000 4:57 am 
Jan MachAug 10, 2000 7:03 am 
Jan MachAug 10, 2000 9:08 am 
Jan MachAug 10, 2000 10:16 am 
Jan MachAug 11, 2000 6:36 am 
Jan MachAug 18, 2000 6:57 am 
Jan MachSep 1, 2000 4:04 am 
Jan MachSep 1, 2000 5:22 am 
Jan MachSep 1, 2000 10:48 am 
Honza MachSep 2, 2000 8:10 am 
Honza MachSep 2, 2000 11:41 am 
Honza MachSep 2, 2000 1:21 pm 
Jason HaarSep 3, 2000 1:45 pm 
Jason HaarSep 3, 2000 5:53 pm 
Jason HaarSep 3, 2000 9:26 pm 
Subject:Re: [courier-users] Re: courier tmp directory - with some diagnostic
From:Jason Haar (Jaso@trimble.co.nz)
Date:Sep 3, 2000 9:26:23 pm
List:net.sourceforge.lists.courier-users

On Sun, Sep 03, 2000 at 10:32:19PM -0400, Sam Varshavchik wrote:

FYI, in all the years I've run mail servers, I've never seen SMTP sessions under Qmail or Sendmail hang on for days on end because of such "troublesome" timeout settings...

But this approach is vulnerable to being teergrubed. The hard timeout is there to minimize the impact of being teergrubed.

Absolutely - no-one ever said security was easy :-)

As is always, it's always a compromise between usability and security.

As far as this "bandwidth" issue goes, don't forget that vast reams of the Internet are still running on ~64Kb links. Here in New Zealand I'd say that'd more likely be the norm than the exception... (we're a LOOOOONG way away from everyone else - and those distances cost $$$).

What about making such timeouts configurable, set them to defaults you're happy with as being more "teergrub-resistant", and document what to change for the poor-old site who need longer timeouts. Let's face it, DoS attacks against slow sites are just to boringly easy for anyone to bother with ;-)

-- Cheers

Jason Haar

Unix/Network Specialist, Trimble NZ Phone: +64 3 9635 377 Fax: +64 3 9635 417