[exim] increase in smtp concurrency

Top Page
Delete this message
Reply to this message
Author: Chris Edwards
Date:  
To: exim-users
Subject: [exim] increase in smtp concurrency
Anyone else noticing more concurrent incoming SMTP connections in last
couple of weeks ?

Chances are it's a buggy botnet, and has been discussed in various places
including:

http://blogs.msdn.com/tzink/archive/2007/09/01/new-spamming-tactic.aspx

and I'm guessing is responsible for the recent "smtp_reserve_hosts" thread
on exim-users.

Suggestions seem to include lowering timeouts - which seems likely to
break legit things.

Perhaps it's time to switch our DNSBL etc tests from "deny" to "drop" mode.
Is there any obvious downside to this ? Do most folk use drop already ?

Thanks!

Chris

--
Chris Edwards, Glasgow University Computing Service