MTA closing connection after 552 response
- From: eric.havens@xxxxxxxxx
- Date: 2 Aug 2006 13:34:46 -0700
What is considered the proper thing for an MTA to do when a client
sends more than an allowed amount of content in the DATA portion of an
SMTP dialogue?
Assuming the ESMTP SIZE option is being used, then the client has
already been informed of the maximum allowable size, so if the client
exceeds the size, the MTA should have the right to assume the client is
either broken or malicious. Either way, it would be fair for the MTA to
close the connection. However, according to section 3.9 of RFC 2821:
=======================================
An SMTP server MUST NOT intentionally close the connection except:
- After receiving a QUIT command and responding with a 221 reply.
- After detecting the need to shut down the SMTP service and
returning a 421 response code. This response code can be issued
after the server receives any command or, if necessary,
asynchronously from command receipt (on the assumption that the
client will receive it after the next command is issued).
=======================================
So, if an MTA knows that a client has "broken the rules" and sent more
than it was allowed to send, what safe thing can it do? If it continues
reading, looking for a QUIT or RSET, what if the client sends multiple
terabytes of data? This sounds like a denial of service attack that the
MTA MUST deal with...
Thanks,
-Eric
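
One bounded policy for the situation asked about above, as an added example that is not part of the original post: discard the excess without storing it, answer 552 if the end-of-data marker arrives within a second ceiling, and otherwise use the 421-then-close exit that the quoted section 3.9 text permits. The names receive_data, size_limit, hard_cap and MAX_CHUNK, the reply texts, and the sample session are assumptions made for illustration.

```python
import io

MAX_CHUNK = 4096  # assumed per-read bound so one long line cannot exhaust memory

def receive_data(stream, size_limit, hard_cap):
    """Consume one DATA payload from a binary stream.

    Returns (reply, message, close_connection). size_limit is the value
    advertised via SIZE; hard_cap (> size_limit) bounds how much excess the
    server will drain while waiting for the end-of-data marker.
    """
    kept, total, at_line_start = [], 0, True
    while True:
        chunk = stream.readline(MAX_CHUNK)
        if not chunk:  # peer vanished before <CRLF>.<CRLF>
            return "421 closing transmission channel", None, True
        if at_line_start and chunk == b".\r\n":
            break  # end of data
        total += len(chunk)
        if total > hard_cap:
            # Stop reading; 421-then-close is the exit section 3.9 permits.
            return "421 closing transmission channel", None, True
        if total > size_limit:
            kept.clear()  # over the advertised limit: drain, store nothing
        else:
            # Undo dot-stuffing on lines that start with "."
            kept.append(chunk[1:] if at_line_start and chunk[:1] == b"." else chunk)
        at_line_start = chunk.endswith(b"\n")
    if total > size_limit:
        return "552 message exceeds advertised SIZE", None, False
    return "250 OK", b"".join(kept), False

if __name__ == "__main__":
    # Constructed sample session: 600-byte body against a 100-byte limit.
    wire = io.BytesIO(b"0123456789\r\n" * 50 + b".\r\nQUIT\r\n")
    print(receive_data(wire, size_limit=100, hard_cap=1000))
    print(wire.readline())  # next command is still readable: b'QUIT\r\n'
```

Memory use stays bounded by size_limit and bytes read per message by hard_cap plus one chunk, so the multi-terabyte case ends in a 421 and a closed connection rather than an open-ended read.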