Re: [exim] Blocking DDOS to specific Domains

Pàgina inicial
Delete this message
Reply to this message
Autor: Jeremy Harris
Data:  
A: exim-users @ exim. org
Assumpte: Re: [exim] Blocking DDOS to specific Domains
tlabs wrote:
> Hi,
>
> I have a domain hosted for a client that continually gets ddos'd.
>
> For the past several months we have experienced intermitant DDOS attacks all aimed at one domain. This
> ranges from seeing up to 500,000 mails for that single domain on a daily basis.
>
> We do store and forward for that domain, essentially backup MX.
>
> I have tried a lot of different things, callout verify, block recipient domain, all apart from storing a local user
> list on our mail servers which has a high admin cost.


You need to do some form of "local" user verification.

It you truly can't maintain a list on that system,
can you use recipient callouts to the destination system
(assuming *it* is sane enough to reject, rather than bouncing,
non-users)? Or can you access its user list via LDAP?

- Jeremy