Scott A Crosby writes: >I disagree. If it only takes 120 messages, 10mbyte of traffic, to lock >up *any* email server using SA for an hour, that is a *nasty* DoS. A >spammer can purposely seed their spam run with these messages of >doom. Now, the victims either get the spam (if they don't run SA) or >they don't get any email at all (if they do run SA). Given this >choice, mail admins would be forced to disable SA just so that their >email servers survive.
See, the issue I see here is: how is that different from an attacker sending hundreds of 10meg mails? or millions of 400 byte ones? ie. where does it cross the line between "absurd and only defensible at the MTA" -- DDoS level -- and "actually a danger". BTW I'm not insinuating these shouldn't be fixed, of course. ;) --j. ------------------------------------------------------- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa00100003ave/direct;at.aspnet_072303_01/01 _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
