Ray Hunter:
> Can Anvil store enough state to be able to track (and filter) a DoS
> attack or resource depletion attack from an individual IPv6 site, whilst
> still being able to provide service to other remote sites, and not
> hogging the host machines resources entirely?
Anvil currently does not consider whether IP addresses in the same
address range. There are plenty legitimate mail servers in the
same /24 block, and I expect that IPv6 will be no different.
When the anvil daemon runs into a memory resource limit, it terminates
with a fatal error message, and it is immediately restarted by the
master daemon. It is not the end of the world.
To arrive at realistic numbers you need to take into consideration
that all anvil requests are mediated by an SMTP daemon process, and
that the SMTP daemon introduces significant latency. If you go too
fast, then you end up SYN-flooding the site.
I don't see why we can't discuss this on list.
Wietse
