Information Security News mailing list archives

Re: The Real Y2K Threat to Compaq


From: mea culpa <jericho () DIMENSIONAL COM>
Date: Mon, 13 Dec 1999 06:13:10 -0700

Reply From: Russell Coker <russell () coker com au>


forwarded the same hoax to thousands more people in the company.  After
that, we had another potential virus situation initiated by a Compaq
employee who sent a message to all Compaq employees in an entire country.

Well, of course it's those evil hackers...  It could never be a
disgruntled employee and 56 cluebies with a "Reply All" button at their
disposal, could it?  It could never be a company with a single platform,
with a single email client, with a single email server platform, could it?

*sigh*

When will companies learn that totally homogeneous IT systems fail a lot
harder than heterogeneous ones, especially with simple threats?

That's part of the problem.  The other part is that there's no need for
emails to thousands of people to take terabytes of data.  My opinion is
that the best way to store email is in the Maildir format (one file per
message). Using this format it's not difficult to create hard links or
sym-links from each user's Maildir to where the original copy of the file
is stored. Installing 30,000 links to a 1M file takes about a minute and
1M of disk space.  Storing 30,000 separate copies of the file takes 30G of
storage and huge amounts of delivery time.

I am currently working on a bulletin system based on this.  The idea is
that any "all users" type address will go to the bulletin program which
will create links.  The next version will include an "undeliver" program
which will read through the home directories of all users and remove files
that have the same inode as the file in question or are sym-links to it.

Then an administrator of a large email system that includes my Maildir
Bulletin program could just remove such messages from the Maildirs of
users who haven't read it (containing the problem) and also change the
configuration of the mail server to just bounce any inbound message with
the same subject or content.

What took the Compaq security team hundreds of hours should only have
taken a few hours by a small team of administrators and should not have
resulted in any reduction in service.

Of course this relies on open mail server software which can be easily
extended by third-parties.

The web page for my bulletin program is below (yes it's so new I haven't
even had time to write a web page and I've just got links to the source).

http://www.coker.com.au/maildir-bulletin/

Russell Coker
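
The link-based delivery and inode-matching "undeliver" step described in the message above, as an added Python sketch that is not taken from the post or from the maildir-bulletin source. The function names, file names and the three-user directory tree are constructed for illustration, and it assumes all Maildirs sit on the same filesystem as the stored copy, which hard links require.

```python
import os
import tempfile

def deliver(master, maildirs):
    """Hard-link one stored copy into each user's Maildir/new (same filesystem)."""
    name = os.path.basename(master)
    for md in maildirs:
        os.link(master, os.path.join(md, "new", name))

def undeliver(master, maildirs, unread_only=True):
    """Unlink entries that share the master's inode or are symlinks to it."""
    st = os.stat(master)
    target = (st.st_dev, st.st_ino)
    removed = []
    for md in maildirs:
        for sub in (("new",) if unread_only else ("new", "cur")):
            folder = os.path.join(md, sub)
            for name in os.listdir(folder):
                path = os.path.join(folder, name)
                try:
                    cur = os.stat(path)      # follows symlinks to their target
                except FileNotFoundError:    # dangling symlink: not our message
                    continue
                if (cur.st_dev, cur.st_ino) == target:
                    os.unlink(path)          # removes the link, never the master
                    removed.append(path)
    return removed

def demo():
    """Constructed scenario: three users, one has already read the bulletin."""
    root = tempfile.mkdtemp()
    master = os.path.join(root, "945090790.bulletin.example")  # constructed name
    with open(master, "w") as fh:
        fh.write("Subject: constructed hoax bulletin\n\nbody\n")
    users = [os.path.join(root, u, "Maildir") for u in ("alice", "bob", "carol")]
    for md in users:
        for sub in ("tmp", "new", "cur"):
            os.makedirs(os.path.join(md, sub))
    deliver(master, users)
    # bob's mail client marks it read: rename into cur/ keeps the same inode
    name = os.path.basename(master)
    os.rename(os.path.join(users[1], "new", name),
              os.path.join(users[1], "cur", name + ":2,S"))
    # carol also has an unrelated message and a symlink to the bulletin
    with open(os.path.join(users[2], "new", "other.msg"), "w") as fh:
        fh.write("Subject: unrelated\n\nkeep me\n")
    os.symlink(master, os.path.join(users[2], "new", "alias.msg"))
    links_before = os.stat(master).st_nlink
    removed = undeliver(master, users)
    return links_before, removed, users, master
```

With `unread_only=True` only `new/` is scanned, so the copy a user has already moved to `cur/` is left alone; passing `False` also pulls it from readers' folders.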

ISN is sponsored by Security-Focus.COM

