[Mimedefang] monkeys.dom UPL being DDOSed to death
Mike Heller
mike at dsny.com
Wed Sep 24 11:59:47 EDT 2003
I am one of the people using Ron's DNSBL to filter mail on my server
(or at least was using). During the DDOS attack, our mail server slowed
to a crawl and I noticed that there were a lot of sendmail processes
running. I'm assuming that each one was looking up the IP in Ron's DNS
and each one had to timeout before it could continue. After a while,
our mail server stopped accepting mail, which is not a good thing.
As we have discussed on this list, it's not the first time this has
happened nor will it be the last. If that is the case, is there
anything I can do to prevent my server from dying next time? Can I
reduce the timeout period? Are there any other measures I can take to
help prevent this from happening again? Zone transferes would seem like
an option as I could just have the list locally, but that seems to put
more work on the list maintainer since he would have to authorize a lot
of servers.
Thanks for any help you can provide.
Mike
More information about the MIMEDefang
mailing list