iis4.0.smtp.DoS.txt

`Date: Tue, 16 Feb 1999 14:03:43 -0600  
From: Bug Traqqer <[email protected]>  
To: [email protected]  
Subject: Re: IIS 4.0 SMTPSVC vs. QMAIL  
  
  
To all-  
  
if you find this problem happening to you there are fixes on both  
product sides. Qmail has provided a patch for stray line feeds. It is  
available through there site. You will have to ask a qmail expert for more  
info. Micro$oft has patched their smtpsvc.dll to version v5.5.1877.18. It  
can be obtained through Micro$oft if you know what to ask for. In addition  
to the patches we fixed several line feed problems in our vbscripts.  
  
Just wanted to follow up on the original message  
Nelson Bunker  
  
  
<<<<<<<<<<original message starts here>>>>>>>>>>>>>>>>>>>>>  
To whom it may concern--  
  
Our establishment has started to use IIS4.0 option pack SMTP service (post  
SP4) for our outgoing mail. We have had several complaints regarding an  
issue with trying to send mail destined for servers running "Qmail". It  
appears that the Qmail shuts down the connection with out giving an error  
message. In return the IIS Server acts as if nothing happened and tries to  
re-open the connection. I have had report of  
{On Dec. 10 1998, we received approximately 30,000 connections from {this  
address on port 25 from our mail server from midnight until {around 13:30.  
another admin reports 4400 SMTP requests within 10 minutes  
  
I would appear that Microsoft has given away a great DOS attack for QMail...  
has anyone else experienced this problem? SP4 fixed many errors we were  
experiencing with SMTP, but it apparently didn't fix this one.... so far the  
only fix we know of is to delete the offending piece of mail.  
  
Nelson Bunker  
  
`