Re: disregard - one more test, sorry

[Rudra Kamal Sinha Roy <rudrak () gmail com>]

I donno why so much of noise..two days backs suddenly i have been 
unsubscribed of the list..
any reasons?
 Rudra

 On 9/14/05, Dave Aitel <dave () immunitysec com> wrote: 
> Nick Drage wrote:
> > On Fri, Sep 09, 2005 at 10:02:01AM -0400, Dave Aitel wrote:
> >
> >
> > > We're testing the Bounce handler in mailman. Apparantly you can DoS[1]
> > > a mailman instance by signing a thousand people up to a list (which we
> > > did by mistake) then having those thousand people placed into the
> > > bounce queue. This makes mailman's bounce handler grow to use
> > > approximately one gig of ram and all the CPU. To fix this, you need
> > > (it turns out) to set the bounce handling to "on each bounce, just
> > > disable/unsubscribe that person". However, while the bounce handler is
> > > doing it's painful dance, the administrative interface is only
> > > accessible by shutting down mailman (via killall -9 python).
> >
> > If you set this up wouldn't it then be relatively trivial to just
> > unsubscribe/disable every subscriber to the list, as bounce messages are
> > much easier to fake than unsubscribe confirmations?
>
> Any user that's posted, yes. I looked for the option to have all emailed
> GPG signed, but didn't see one. :>
>
> -dave