On Thu, Sep 02, 1999 at 12:01:40PM -0700, Technical Incursion Countermeasures wrote: > You can do a variation on this one (well sort opf - is a logstanding prob) > > basically find two sites whose FW is conf'd to accept all mail and forward > it to the real mailserver. If this mailserver bounces invalid addresses > then you're on your way... > > spoof a mail from an invalid address on one end to an invalid address on > the other. and sit back.. > > the first site will accept the mail (this is the fault - it should reject > if it is to comply with the IETF standard) and pass it inward, the > mailserver then sends an error message to the "sender" and the same > process occurs at the other end... On properly configured systems, this shouldn't be any big deal. Assuming the MTA on one end or the other doesn't detect the double bounce and kill it, you'll only rebound 30 or so times (loop detection varies by configuration). There are far worse DoS's out there... -j
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:01:40 PDT