Self-made DoS of the bbantispam server
According to Wikipedia, a denial-of-service attack (DoS attack) is an attempt to make a computer resource unavailable to its intended users. Recently it happended to bbantispam.com and bbspam.com. More precisely, it was not a DoS-attack, but a DoS-suicide.
Textual Confirmation is an antispam tool for phpBB. In the community edition, it sends a copy of detected spam registrations to the central database, which is located on this server.
The current rate is a few notifications per second. It’s not a big load. But imagine that something is happened and the operating system (OS) has few free memory.
Sendmail (a mailer daemon) tries to save the notification in a database. By design, an external helper is used. But the program can’t be run because the OS is out of memory.
Therefore, sendmail defers saving of the notification. But additionally, it tries to send a problem report. Now we have two letters instead of one!
Now things go worse. Sending the report takes a time due to the network latency. Meanwhile, a new spam notification arrives. Again, it can’t be delivered immediately, and the process repeats. And yet another notification comes in…
After a while, the mail queue is jammed, the memory is fully occupied, and the system doesn’t provide any services anymore.
At the moment, a temporary workaround is implemented. All the incoming notifications are just thrown away. Now I’m waiting till the mail queue becomes empty. It will take a day or two. Then I’ll investigate how to solve the problem correctly.