Sorry I know protection from email bombs has been talked about but..

WebHostPro

Well-Known Member
PartnerNOC
Jul 28, 2002
1,724
27
328
LA, Costa RIca
cPanel Access Level
Root Administrator
Twitter
I was wondering what the best and easiest way to protect from mail bombs with the lowest load use. Easiest is important since we have hundreds of servers that we manage.

Paid services is fine for fine for this but low load use is essential.

I don't think apf or bfd does this right?

Thank you,

Charley
 

richy

Well-Known Member
Jun 30, 2003
276
1
168
Can you elaborate by what you mean by "email bombs"? Emails sent to multiple addresses at a domain name, emails sent to a single specific email address, attack on the SMTP server without emails actually being transmitted etc?

You may find Chirpy's MailScanner solution from http://www.configserver.com useful in some circumstances, but without knowing exactly the problem you are having, it's difficult to suggest something.
 

chirpy

Well-Known Member
Verifed Vendor
Jun 15, 2002
13,466
31
473
Go on, have a guess
Probably to play with the many commands you can use within exim to limit the number of incoming SMTP connections from a single source and the number of transactions allowed per SMTP connection. You could also offload to the queue if the load average goes above a given value. More over at www.exim.org. If it's all from a single IP or email address, then you can block either in your firewall or in an exim ACL. If it's simply a dictionary attack, then use a dictionary attack ACL. Finally, make sure you do not use the default alias.