On Fri, 25 Mar 2011, Andreas Schulze wrote:
> Dirty hack idea: the feature "--enable-maxverify" enforce
> "SendADSPReports=no".
That was one of the things I proposed. SM suggested just to document it.
Are there any other opinions?
> I would like to know
> - why Todd configured "MaximumSignaturesToVerify 1"
Todd will have to answer that one. :-)
> - the reason, the feature was introduced into opendkim
There was concern that one could craft an attack involving a message with
a huge number of signatures. There are two possible attacks there:
1) each signature is from a different domain, so it will take a long time
grabbing all the keys and doing all the crypto, taking up a thread slot
and an MTA thread or subprocess for a long time; send enough of those and
you can jam up the receiver altogether
2) each signature is from the same domain but a different selector,
causing opendkim to generate a small DNS storm against the domain; send
lots of those to lots of verifiers and you have a DDoS attack
The default for the value is 3.
-MSK
Received on Fri Mar 25 2011 - 13:32:29 PST
This archive was generated by hypermail 2.2.0+W3C-0.50 : Sun May 15 2011 - 15:59:41 PST