[Secure-testing-team] Re: Bug#332259: spampd fails with 'Error in
process_request': Modification of read-only variable in Syslog.pm
Martin Schulze
joey at infodrom.org
Mon Oct 10 05:27:14 UTC 2005
Sven Mueller wrote:
> > Hence, it's rather "one mail falls through" or something. Doesn't sound
> > security-relevant to me.
>
> Well, it's more of an indirect DoS. The mails are rejected with an SMTP
> temporary failure code according to my quick test. This means that those
> mails fill up the sending SMTP daemons queue (which is usually the same
> host or a closely related host to the host spampd runs on).
The mails should be automatically cleaned from the queue when they are
locked in it for too long.
> Apart from that, this is bug is at least a serious problem, since it might
> deny perfectly legal mails from reaching the envelope recipient.
Spam filters usually do that...
Regards,
Joey
--
This is GNU/Linux Country. On a quiet night, you can hear Windows reboot.
More information about the Secure-testing-team
mailing list