fork of 9front i guess
e6d31c1715
An attacker may use an infinite number of SPF referrals in his/her SPF setting and can send an email to your mail server which would make your SMTP server make a lot of DNS queries. By exploiting this vulnerability, an attacker can block your SMTP queue, flood the associated recursive resolver, or any DNS authoritative server. According to RFC recommendations (https://datatracker.ietf.org/doc/html/rfc7208#section-4.6), a few DNS lookup limits exist that an SMTP server needs to maintain while resolving an SPF record. That is, SPF implementations MUST limit the total number of query-causing terms to 10 and the number of void lookups to 2 to avoid unreasonable load on the DNS. from: Taejoong “Tijay” Chung (tijay@vt.edu) Ishtiaq Ashiq (iashiq5@vt.edu) |
||
|---|---|---|
| 386 | ||
| 68000 | ||
| 68020 | ||
| acme | ||
| adm/timezone | ||
| amd64 | ||
| arm | ||
| arm64 | ||
| lib | ||
| mips | ||
| power | ||
| power64 | ||
| rc | ||
| sparc | ||
| sparc64 | ||
| spim | ||
| sys | ||