Re: [Exim] DOS/DDOS/SPAM and exim

Top Page
Delete this message
Reply to this message
Author: Dan Egli
Date:  
To: jori.hamalainen
CC: Exim Users
Subject: Re: [Exim] DOS/DDOS/SPAM and exim
jori.hamalainen@??? wrote:

> Hi,
>
> depends if spammers use many source-IP addresses? You can drop those TCP-SYN packets at router/firewall/OS-kernel-firewall. But if there are too many sources that might become quite hard.
>
> One possibility is to make reverse-dns query, if that doesn't work, don't accept connections. But this is not 100% proof.
>
> Also if you know IP-addresses of legimate senders (like from internal network, you can use "smtp_reserve_hosts" and similar configuration options in Exim. But if kernel tables for TCP sessions are full, that might not work in every situations??
>
> I don't know if Exim can drop connections via configuration options.. "smtp_max_unknown_commands" is for different situation.
>
> BR, Jori
>


Perhaps you seek smtp_max_nonmail_commands?


--
-- Dan