MaxNOOPCommands
Number of useless commands before a slowdown V8.14 and later
Prior to V8.14, sendmail set 20 as the limit on the number of useless commands received from a client before it would slow down its responses to that client. The idea is that too many such commands may indicate that an attack is in progress. The useless commands are NOOP and VERB (but not HELP). If sendmail detects too many useless commands, it logs the following warning and sleeps at least one second before replying:
envelope id : client: possible SMTP attack: command=useless command here, count=how many
Prior to V8.14, the only way to change the limit on
useless commands was to change the setting for the
MAXNOOPCOMMANDS
compile-time macro in sendmail/srvrsmtp.c. Beginning with
V8.14, however, you may override that default with
your own limit by setting this MaxNOOPCommands option,
which is declared like this:
OMaxNOOPCommands=num ← configuration file (V8.14 and later) -OMaxNOOPCommands=num ← command line (V8.14 and later) define(`confMAX_NOOP_COMMANDS',`num') ← mc configuration (V8.14 and later)
Here, num is of type
numeric. If
num is negative,
non-numeric, or zero, no limit is placed on the
number of useless commands that the client may send.
If this option is entirely omitted, the default is
the original value of 20.
The MaxNOOPCommands
option is not safe. If specified from the command
line, it can cause sendmail to
relinquish its special privileges.
Get sendmail, 4th Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
