From: Richard Webb (1:116/901)
To: All
Date: Sat, 22.09.12 23:13
jNode Project
On Sat 2012-Sep-22 19:12, Björn Felten (2:203/2) wrote to Michiel van der

MvdV> Have you forgotten that I got a mail bomb in April this year? I wrote an
MvdV> article about it...

BF> No, of course I haven't. But session passwords can not prevent
BF> that from happening. I'm an NC as well as an RC, and I'm not in Z1
BF> :-), so I must accept incoming mail from any system.

Might be true, but depending on the mail processor you use,
you can set it up so that no archives will be unpacked. Raw
.pkt files containing netmail only will be tossed. My
SOP has always been that I do the three-tiered security
scheme. Those not in my nodelist, or in the nodelist but not
on secured sessions, won't have their bundles unpacked, nor
echomail be tossed anywhere but bad mail. Raw .pkt files
containing netmail will be tossed appropriately.

An NC can still accept mail from anyone using this scheme, as
he/she is supposed to, but the security scheme will keep a
mail bomb from being unarchived. The NC can then look at
the unprocessed archive at leisure. Being an NC doesn't
require you to compromise your security if you think about
it, and use software which can implement a decent security
scheme in the first place.
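
The inbound policy described in the message above, sketched as an added example that is not part of the original post or of any particular tosser. Function names and action labels are hypothetical; it assumes ArcMail-style bundle names, type-2 (FTS-0001) packet layout, and a per-packet rather than per-message decision on echomail.

```python
import os
import struct

ARCMAIL_DAYS = ("mo", "tu", "we", "th", "fr", "sa", "su")

def is_bundle(name):
    """ArcMail bundle names end in a weekday code plus one character, e.g. 0001fffe.mo0."""
    ext = os.path.splitext(name)[1].lower()
    return len(ext) == 4 and ext[1:3] in ARCMAIL_DAYS

def pkt_has_echomail(data):
    """Walk FTS-0001 packed messages; True if any body starts with an AREA: line."""
    pos = 58                                    # fixed-size packet header
    while pos + 2 <= len(data):
        (msg_type,) = struct.unpack_from("<H", data, pos)
        if msg_type == 0:                       # packet terminator
            return False
        if msg_type != 2:
            raise ValueError("unexpected message type")
        pos += 14 + 20                          # message header + DateTime field
        fields = []
        for _ in range(4):                      # to, from, subject, text (NUL-terminated)
            end = data.index(b"\0", pos)        # ValueError if the packet is truncated
            fields.append(data[pos:end])
            pos = end + 1
        if fields[3].startswith(b"AREA:"):
            return True
    raise ValueError("missing packet terminator")

def disposition(name, data, in_nodelist, secure_session):
    """Return what to do with one inbound file under the three-tier scheme."""
    if in_nodelist and secure_session:
        return "process"                        # assumption: trusted tier handled normally
    if is_bundle(name):
        return "hold"                           # never unpacked; sysop inspects it later
    if name.lower().endswith(".pkt"):
        try:
            return "badmail" if pkt_has_echomail(data) else "toss-netmail"
        except ValueError:
            return "hold"                       # malformed packet: do not toss
    return "hold"

def sample_pkt(text):
    """Constructed sample: zeroed packet header, one message, terminator."""
    msg = struct.pack("<7H", 2, 1, 2, 1, 1, 0, 0) + b"01 Jan 12  00:00:00\0"
    return bytes(58) + msg + b"To\0From\0Subj\0" + text + b"\0" + bytes(2)
```

The point of the ordering is that nothing from an unlisted or unsecured system reaches an archiver: the only parsing done on untrusted input is the bounded packet walk.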

