[exim] DDOS on SMTP port by large number of new connections …

Top Page
Delete this message
Reply to this message
Author: Anoop John
Date:  
To: exim-users
Subject: [exim] DDOS on SMTP port by large number of new connections from random IPs
Hello,

I have run into a problem on my server with a DDOS attack on port 25. The
server is getting large number of connection requests on port 25 from
random IPs continuously preventing any access to the SMTP port by valid
users. Also the server reaches the limit of 100 simultaneous SMTP
connections within seconds of restarting the server. The server is
configured to require authentication before sending mails via SMTP so there
is no spamming / relay attempt via the server.

Is there some setting in exim that can drop connections if there is no
authentication within a timeout or something like that?

Thanks in advance for your help / guidance in this regard.

Thanks
Anoop