Re: way to limit recipients of messages submitted via sendmail

On Tue, Jun 15, 2004 at 06:50:44PM -0400, Victor.Duchovni@MorganStanley.c=
om wrote:
> On Tue, 15 Jun 2004, Will Yardley wrote:

> > Is there a way to limit the number of recipients for messages
> > submitted via /usr/sbin/sendmail (=E0 la smtpd_recipient_limit) in
> > Postfix 1.x?

> Nothing except message_size_limit, so ultimately there is a limit,
> since all the recipients must fit in the queue file, but this
> is likely not what you are looking for. Which brings us to the
> question:
>
> What problem are you solving?

Just looking for a way to limit the damage when a user script gets
exploited (if a spammer is able to specify a billion recipient
addresses, the damage can be much worse than if they're restricted to
a small number of recipients).

Obviously this is not a great solution, and we are looking into other,
more permanent solutions, but it would at least help reduce the damage
(particularly when the spammer is using a general-purpose exploit that's
not targeted to a particular site or webhost).

We thought about limiting the smtpd_recipient_limit on the smarthost
machine that all of this mail ultimately goes out, but that doesn't help
much since it just sends a 4xx reject to the user machine which then
resends in another SMTP transaction (I guess if we could get JUST
rejects due to smtpd_recipient_limit to send a 5xx error, that might
work).

--=20
"Since when is skepticism un-American?
Dissent's not treason but they talk like it's the same..."
(Sleater-Kinney - "Combat Rock")