Autor: Dan Egli Data: A: jori.hamalainen CC: Exim Users Assumpte: Re: [Exim] DOS/DDOS/SPAM and exim
jori.hamalainen@??? wrote:
> Hi,
>
> depends if spammers use many source-IP addresses? You can drop those TCP-SYN packets at router/firewall/OS-kernel-firewall. But if there are too many sources that might become quite hard.
>
> One possibility is to make reverse-dns query, if that doesn't work, don't accept connections. But this is not 100% proof.
>
> Also if you know IP-addresses of legimate senders (like from internal network, you can use "smtp_reserve_hosts" and similar configuration options in Exim. But if kernel tables for TCP sessions are full, that might not work in every situations??
>
> I don't know if Exim can drop connections via configuration options.. "smtp_max_unknown_commands" is for different situation.
>
> BR, Jori
>