[SURBL-Discuss] RE: SURBL DoS possible?

Chris Santerre csanterre at merchantsoverseas.com
Thu Jul 29 13:35:25 CEST 2004



>-----Original Message-----
>From: Mariano Absatz [mailto:el.baby at gmail.com]
>Sent: Thursday, July 29, 2004 9:41 AM
>To: SURBL discussion list; SpamAssassin users list
>Subject: SURBL DoS possible?
>
>
>I was wondering...
>
>I didn't look at the source code for the SpamCopURI or the SA 3.0
>plugin but I guess it just looks for URI's within the messages and
>issues a DNS query to the configured SURBLs for every different
>canonicalized domain name... is it?
>
>What would happen if a spammer intentionally starts putting hundreds
>of different invisible random URIs within the message trying to DoS
>SURBL?
>
>Does the SA plugins check for this condition? Or have a limit as to
>how many SURBL queries will it issue for a given message?
>
>TIA
>

It picks a random sample of URLs. This was one of the main concerns when we
started talking about this feature. We're always one step ahead of Mr.
Spammy ;)

--Chris


More information about the Discuss mailing list