Data Haven problems

[dfloyd@io.com]

-----BEGIN PGP SIGNED MESSAGE-----


While programming my data haven code, I am wondering how to guard against
spamming the data haven parser.  It is trivial to mount a denial of
service attack by repeatedly mailing large files. which will fill up the 
quota or filesystem of the data haven host, and if you have mail on a 
root partition, will cause hangs or crashes.

Any ideas on how to guard against mailbombs, and to confirm to the sender
that their files are stored successfully?  Perhaps do a mailing with
a test command that validates the existance of the file, and sends a
reply back wether the file is okay or not, or would this result in a
possible security hole?

As to the code, this will have to be my second rewrite as I am going to
do it in perl code, rather than C...  last rewrite was from a daemon to
a program activated by a .forward file.

Lastly, instead of postage (like a remailer would get), how hard would it
be to implement "rent" where if the "rent" is not paid, and a grace period
has elapsed the file would be trashed.  All this while preserving the
anonymity of the sender and the data haven site.



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQEVAwUBLw7KpFLUeLjqSiixAQHs4wf+Mf4CVx77nXjUXug/3q1hINhCyWgWmal7
vY1WeCDXM+qrrdxUgqzIhYRYpCPKChMjeozFltn9T0CcH/YdaD5hx3dB5A0YUPWZ
SpF5oCL3iZzf2veA8BBJEIrFdmts/nFUzWaqMx4+2IcufYb+0kVw/AKi2M5B0ZiT
UoOFFIsySR9hIMMIfHlkGqrnoO8LhlViRBx4u1O0bb0GYAyc+Nv6HvDJOSWuVe9C
g5B4GMLuW1t9e5Qw3W0Qy1VRIC4QbOrd0zbjDrQ38GUemOjALuZ2h4+tr3bR93KU
ZthueqsIzGKlr90PU6AVVZd128mDHLofJO4I4IoOgSPV7XIK4tufyA==
=KZk0
-----END PGP SIGNATURE-----