Re: [PATCH] denial of service (fwd)

Matt Ranney (mjr@RANNEY.COM)
Thu, 12 Jun 1997 12:55:04 -0700

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Rick Byers: "Re: CERT Advisory CA-97.18 - Vulnerability in the at(1) program"
Previous message: Aleph One: "CERT Advisory CA-97.18 - Vulnerability in the at(1) program"

Here is a solution to the qmail denial of service attacks posted
recently. This is a recent message to the qmail list.

-- Matt Ranney - mjr@ranney.com From now on, everything we do shall be funky.

---------- Forwarded message ---------- Date: 12 Jun 1997 15:15:59 +0200 From: "Frank D. Cringle" <fdc@cliwe.ping.de> To: djb-qmail@koobera.math.uic.edu Subject: Re: [PATCH] denial of service

[...] If you are using tcpserver it should be sufficient to set the ulimit once in the startup script. All instances of qmail-smtpd inherit the limit without further overhead. Seems to be working fine here.

echo "Starting tcpserver for qmail-smtpd..." ulimit -d 2048 /usr/local/bin/tcpserver -v -u 61 -g 61 0 smtp /usr/local/bin/tcpcontrol \ /etc/tcp.smtp.cdb /var/qmail/bin/qmail-smtpd 2>&1 | \ /var/qmail/bin/splogger smtpd 3 &

--
Frank Cringle,      fdc@cliwe.ping.de
voice: (+49 2304) 467101; fax: 943357

Next message: Rick Byers: "Re: CERT Advisory CA-97.18 - Vulnerability in the at(1) program"
Previous message: Aleph One: "CERT Advisory CA-97.18 - Vulnerability in the at(1) program"