DOS vulnerability in ESMTP?

hcl-bot · September 17, 2010, 10:10am

A security scan is indicating the following vulnerability:SMTP Server Too Long Line Denial Of Service Vulnerability

There is no fix indicated, and I have tried setting the notes.ini varable SMTPMTA_Inbound_Line_Length=132, but that does not seem to affect the scan. The logs do not indicate any problems. Is this a legitimate problem, or does Domino just dump the offending data?

Thanks,

Gene

hcl-bot · October 4, 2010, 1:29am

Subject: Re: DOS vulnerability in ESMTP?

Check the Log.nsf on the domino server. If it gives an exception (e.g Invalid URL exception etc), then Domino is taking care of this vulnerability by throwing the exception.