85305f4bd9
Today, we close the connection after 10 errors. While this is fine for normal use, it is unnecessarily large. Lowering it to 3 helps with defense-in-depth for cross-protocol attacks (e.g. https://alpaca-attack.com/), while still being large enough for useful troubleshooting and normal operation. As part of this change, we also remove the AUTH-specific failures limit, because they're covered by the connection limit.
45 lines
1.1 KiB
Plaintext
45 lines
1.1 KiB
Plaintext
|
|
c tcp_connect localhost:1025
|
|
|
|
c <~ 220
|
|
c -> HELO localhost
|
|
c <~ 250
|
|
c -> MAIL FROM:<test@testy.com>
|
|
c <~ 250
|
|
|
|
c -> RCPT LALA: <>
|
|
c <- 500 5.5.2 Unknown command
|
|
|
|
c -> RCPT TO:
|
|
c <~ 500
|
|
|
|
# Reconnect to avoid getting rejected due to too many errors.
|
|
c close
|
|
c tcp_connect localhost:1025
|
|
c <~ 220
|
|
c -> HELO localhost
|
|
c <~ 250
|
|
c -> MAIL FROM:<test@testy.com>
|
|
c <~ 250
|
|
|
|
c -> RCPT TO:<pepe>
|
|
c <~ 501
|
|
|
|
c -> RCPT TO:<a@xn--->
|
|
c <- 501 5.1.2 Malformed destination domain (IDNA conversion failed)
|
|
|
|
# Reconnect to avoid getting rejected due to too many errors.
|
|
c close
|
|
c tcp_connect localhost:1025
|
|
c <~ 220
|
|
c -> HELO localhost
|
|
c <~ 250
|
|
c -> MAIL FROM:<test@testy.com>
|
|
c <~ 250
|
|
|
|
c -> RCPT TO:<henryⅣ@testserver>
|
|
c <- 550 5.1.3 Destination address is invalid
|
|
|
|
c -> RCPT TO:<aaaa5aaaaXaaaa5aaaaXaaaa5aaaaXaaaa5aaaaXaaaa5aaaaXaaaa5aaaaXaaaa5aaaaXaaaa5aaaaXaaaa5aaaaXaaaa5aaaaXaaaa5aaaaXaaaa5aaaaXaaaa5aaaaXaaaa5aaaaXaaaa5aaaaX@bbbb5bbbbXbbbb5bbbbXbbbb5bbbbXbbbb5bbbbXbbbb5bbbbXbbbb5bbbbXbbbb5bbbbXbbbb5bbbbXbbbb5bbbbXbbbb5bbbbXbbbb5bbbbXbbbb5bbbbXbbbb5bbbbXbbbb5bbbbXbbbb5bbbbX>
|
|
c <- 501 5.1.3 Destination address too long
|