Re: [exim] DDOS on SMTP port by large number of new connecti…

Page principale
Ce message fait partie du fil suivant :
M-+\Arborescence complète du fil triée par date
M.MMWolfgang Breyha à <-
M\Anoop John à ->
Supprimer ce message
Répondre à ce message
Auteur: Xander D Harkness
Date:  
À: Anoop John
CC: exim-users
Sujet: Re: [exim] DDOS on SMTP port by large number of new connections from random IPs
Dear Anoop,

On 18 Oct 2014, at 10:48, Anoop John <anoopjohn@???> wrote:
>
>
> Is there some setting in exim that can drop connections if there is no
> authentication within a timeout or something like that?

You might also try to limit the number of connections per server, which I find works very well. I find I do not need a high connection limit as most servers will try pipelining.

Something like: 

smtp_accept_max_per_host       = ${if \
                                    match_ip\
                                       {$sender_host_address}\
                                       {+priority_hosts}\
                                    {0}\
                                    {4}\
                                  }


Kind regards
Xander
Ce message a été envoyé sur les listes de diffusion suivantes :
Exim-users
Informations sur la liste de diffusion | Messages voisins		<-Re: [exim] DDOS on SMTP port by large number of new connections from random IPsRe: [exim] Problem disabling SSLv3 ciphers on Exim 4.72 to deal with Poodle vunerability (CVE-2014-3566)->
Tahini and Hummus and Cumin Development Archives administré par cumin AdminsLurker (version 2.3)