Subject: Re: orbs.org and 'Open EMail Relay'
To: None <netbsd-help@netbsd.org>
From: Wolfgang Rupprecht <wolfgang@wsrcc.com>
List: netbsd-help
Date: 04/19/2000 10:17:40
> On Wed, Apr 19, 2000 at 12:06:21PM -0400, Scott Burns wrote:
> > Ok, I have just received my e-mail from orbs.org telling me that my shiny 
> > new NetBSD/i386 V1.4.1 server has the open e-mail relay problem.

Should Netbsd have a minor security advisory on this?

It does seem like this is a mild Denial-Of-Service problem
(eg. filling up /var/spool, clogging the internet connection, filling
up /var/spool a second time with the bounces etc).

In addition this is leaving one wide-open for complaints from 10,000 -
1,000,000 spam-recipients, depending on the type of connection one has
to the internet.  Folks on cable modems may, to their horror, realize
that their sendmail has indeed finished the whole 1 Mega-recipient
spam-run and one can now look forward to a week of complaints coming
in.

-wolfgang
-- 
       Wolfgang Rupprecht <wolfgang+gnus@dailyplanet.wsrcc.com>
		    http://www.wsrcc.com/wolfgang/
DGPS signals via the Internet  http://www.wsrcc.com/wolfgang/gps/dgps-ip.html