QMail RCPT Denial of Service Vulnerability

Solution:
Setting user resource limits on the server process will prevent Qmail from allocating enough memory to cause a denial of service.

The following command will set the maximum amount of memory processes can allocate in the heap to 1 MB.

'ulimit -d 1024'.

If placed in the init scripts, the limit will be put in place whenever the system intializes.

This information was supplied by Dan Bernstein <djb@cr.yp.to>.



 

Privacy Statement
Copyright 2010, SecurityFocus