On Thu, 29 Jul 2004 09:24:31 -0500, Bob Apthorpe apthorpe+sa@cynistar.net wrote:
On Thu, 29 Jul 2004 10:40:44 -0300 Mariano Absatz el.baby@gmail.com wrote:
I was wondering...
[...]
What would happen if a spammer intentionally starts putting hundreds of different invisible random URIs within the message trying to DoS SURBL?
One can compensate for this by testing only a few, visible URIs, or skipping the RHSBL tests altogether and triggering the "MAIL_HAS_CRAPLOAD_OF_INVISIBLE_URIS" rule. Or something like that.
Right... but I don't want to get rid of SURBL... it is working very nicely, it finds a lot of spam and I have yet to find a FP myself (though others have seen them)...
My question is more to the people that developed the SURBL plugins for SA (or those that have read and understood them), to know if there's something in the plugins to avoid a DoS attempt of this kind.
Thanx for your reply, anyway.