Re: [exim] Blocking DDOS to specific Domains

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
 
 
Delete this message
Reply to this message
Author: Jeremy Harris
Date:  
To: exim-users @ exim. org
Subject: Re: [exim] Blocking DDOS to specific Domains
tlabs wrote:
> Hi,
>
> I have a domain hosted for a client that continually gets ddos'd.
>
> For the past several months we have experienced intermitant DDOS attacks all aimed at one domain. This
> ranges from seeing up to 500,000 mails for that single domain on a daily basis.
>
> We do store and forward for that domain, essentially backup MX.
>
> I have tried a lot of different things, callout verify, block recipient domain, all apart from storing a local user
> list on our mail servers which has a high admin cost.

You need to do some form of "local" user verification.

It you truly can't maintain a list on that system,
can you use recipient callouts to the destination system
(assuming *it* is sane enough to reject, rather than bouncing,
non-users)? Or can you access its user list via LDAP?

- Jeremy


This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-[exim] callout db quite large?RE: [exim] Exchange move->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)