On Wed, Mar 20, 2002 at 12:19:04PM -0500, jlewisat_private wrote: > On Wed, 20 Mar 2002, David Ulevitch wrote: > > > I'm sending this forward to incidents for two reasons. > > > > 1) The reason ORBZ appears to have been shut down is because of the > > problem with Lotus Domino servers crashing/hanging when receiving > > bounces with null envelope senders.(check archives for exact issue) > > > > Does anyone have a complete list of any other from addresses/formats that > will cause load issues on Domino. I know from Ian's bugtraq post that > anything@[127.0.0.1] will do it. What about anything@localhost, > anything@[servers-IP], etc.? Has Lotus fixed this in any Domino release, > or are they all brain damaged. [SNIP] There was an article in the Register today about the original posting yesterday. http://www.theregister.co.uk/content/6/24507.html In the story's update section they list this URL: http://www.notes.net/r5fixlist.nsf/6d4eae9850a5c2c28525690400551b57/70113c65e6d726e385256ad50073a906?OpenDocument I don't have a Domino server to play with so I can't confirm, but it appears they have (from what you and the Register say). ---------------------------------------------------------------------------- __o Bradley Arlt Security Team Lead _ \<_ arltat_private University Of Calgary (_)/(_) http://pages.cpsc.ucalgary.ca/~arlt/ Computer Science ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Wed Mar 20 2002 - 16:01:54 PST