[SURBL-Discuss] Re: SURBL DoS possible?

Mariano Absatz el.baby at gmail.com
Thu Jul 29 12:40:20 CEST 2004


On Thu, 29 Jul 2004 09:24:31 -0500, Bob Apthorpe
<apthorpe+sa at cynistar.net> wrote:
> On Thu, 29 Jul 2004 10:40:44 -0300 Mariano Absatz <el.baby at gmail.com> wrote:
> 
> > I was wondering...
> [...]
> > What would happen if a spammer intentionally starts putting hundreds
> > of different invisible random URIs within the message trying to DoS
> > SURBL?
> 
> One can compensate for this by testing only a few, visible URIs, or
> skipping the RHSBL tests altogether and triggering the
> "MAIL_HAS_CRAPLOAD_OF_INVISIBLE_URIS" rule. Or something like that.
Right... but I don't want to get rid of SURBL... it is working very
nicely, it finds a lot of spam and I have yet to find a FP myself
(though others have seen them)...

My question is more to the people that developed the SURBL plugins for
SA (or those that have read and understood them), to know if there's
something in the plugins to avoid a DoS attempt of this kind.

Thanx for your reply, anyway.

-- 
Mariano Absatz - El Baby
el (dot) baby (AT) gmail (dot) com
el (punto) baby (ARROBA:@) gmail (punto) com


More information about the Discuss mailing list