On Fri, 23 Apr 1999, Robert Brown wrote:
> Tim's original messgae follows:
>
> I am working with a Potato install running exim that is a fairly busy
> pop/imap/smtp server. There seems to be some problem with a system
> that lives within att.net. The att system will open connection after
> connection, until the Debian system crashes. The exim logs for the
> connections show
>
> 1999-04-22 14:02:24 reject all recipients: 3 times bad sender
> <bsto@default> H=218.new-york-71-72rs.ny.dial-access.att.net (default)
It is a denial of service attack. You should limit the number of
inbound SMTP connections to something under what causes your machine to
crash. You can also setup a reserve pool of connections for networks you
consider safe.
Also, you should probably block SMTP connections from
*.dial-access.att.net These are all modem pools, and there is no reason
why they should be sending e-mail direct to you anyhow.
Tom
--
*** Exim information can be found at
http://www.exim.org/ ***
