-----Original Message----- From: Mariano Absatz [mailto:el.baby@gmail.com] Sent: Thursday, July 29, 2004 9:41 AM To: SURBL discussion list; SpamAssassin users list Subject: SURBL DoS possible?
I was wondering...
I didn't look at the source code for the SpamCopURI or the SA 3.0 plugin but I guess it just looks for URI's within the messages and issues a DNS query to the configured SURBLs for every different canonicalized domain name... is it?
What would happen if a spammer intentionally starts putting hundreds of different invisible random URIs within the message trying to DoS SURBL?
Does the SA plugins check for this condition? Or have a limit as to how many SURBL queries will it issue for a given message?
TIA
It picks a random sample of URLs. This was one of the main concerns when we started talking about this feature. We're always one step ahead of Mr. Spammy ;)
--Chris