Re: [exim] exim allowed someone to slam my mail server for 3…

Top Pagina
Delete this message
Reply to this message
Auteur: Philip Hazel
Datum:  
Aan: abc
CC: exim-users
Onderwerp: Re: [exim] exim allowed someone to slam my mail server for 3 hours
On Mon, 27 Jun 2005 abc@??? wrote:

> What happened here? I thought Exim is supposed to disconnect people if they
> cause too many errors in their connection?


That control is for syntax errors in the SMTP dialogue. It does not
apply to unknown recipients.

> Why did Exim allow the one host to make 38,000 requests in 3 hours
> within just 1 connection?


You can use one of the $acl_cx variables in an ACL to accumulate data
over multiple messages in the same connection if you want to.

> Isn't there a way to disconnect a host if they cause too many errors in the
> SMTP dialogue?


As long as you can find a way to define "errors", then yes. You can
count messages, failed and accepted recipients, and define whatever rule
you want to based on this data.


-- 
Philip Hazel            University of Cambridge Computing Service,
ph10@???      Cambridge, England. Phone: +44 1223 334714.
Get the Exim 4 book:    http://www.uit.co.uk/exim-book