e6d31c1715
An attacker may use an infinite number of SPF referrals in his/her SPF setting and can send an email to your mail server which would make your SMTP server make a lot of DNS queries. By exploiting this vulnerability, an attacker can block your SMTP queue, flood the associated recursive resolver, or any DNS authoritative server. According to RFC recommendations (https://datatracker.ietf.org/doc/html/rfc7208#section-4.6), a few DNS lookup limits exist that an SMTP server needs to maintain while resolving an SPF record. That is, SPF implementations MUST limit the total number of query-causing terms to 10 and the number of void lookups to 2 to avoid unreasonable load on the DNS. from: Taejoong “Tijay” Chung (tijay@vt.edu) Ishtiaq Ashiq (iashiq5@vt.edu) |
||
---|---|---|
.. | ||
doc | ||
games/lib | ||
include | ||
lib | ||
man | ||
src |