On Sun, Sep 03, 2000 at 10:32:19PM -0400, Sam Varshavchik wrote:
FYI, in all the years I've run mail servers, I've never seen SMTP sessions
under Qmail or Sendmail hang on for days on end because of such
"troublesome" timeout settings...
But this approach is vulnerable to being teergrubed. The hard timeout is
there to minimize the impact of being teergrubed.
Absolutely - no-one ever said security was easy :-)
As is always, it's always a compromise between usability and security.
As far as this "bandwidth" issue goes, don't forget that vast reams of the
Internet are still running on ~64Kb links. Here in New Zealand I'd say
that'd more likely be the norm than the exception... (we're a LOOOOONG way
away from everyone else - and those distances cost $$$).
What about making such timeouts configurable, set them to defaults you're
happy with as being more "teergrub-resistant", and document what to change
for the poor-old site who need longer timeouts. Let's face it, DoS attacks
against slow sites are just to boringly easy for anyone to bother with ;-)