[c-nsp] Mail bomb mitigation

Tim Franklin tim at colt.net
Wed Jun 15 12:26:58 EDT 2005


> There are many sendmail techniques regarding reverse DNS that can be
> used.

On a personal level, feeding a few dial-up lists to Postfix has worked
wonders for me.  If the victim is seeing thousands of different IP
addresses, there's a good chance it's residential zombies, and most of these
will be caught by the DULs.  I've only used this against spam though, not a
concentrated attack - I don't know how much it will help the load on the
server.

Greylisting is also a personal huge win against spam, but how effective this
is against a mail-bomb will depend on how the attacker behaves when faced
with a 4xx code, and whether the problem is coming from the number of
connections or the volume of message bodies.

Of course, both of these do have the potential for collateral damage, which
is a different decision to make on a company mail server than a personal
one...

Regards,
Tim.

-- 
____________   Tim Franklin                 e: tim at colt.net 
\C/\O/\L/\T/   Product Engineering Manager  w: www.colt.net 
 V  V  V  V    Managed Data Services        t: +44 20 7863 5714 
Data | Voice | Managed Services             f: +44 20 7863 5876  
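
The greylisting trade-off raised in the message above (senders that retry after a 4xx versus those that do not, and connection load versus message bodies), as an added example that is not part of the original post. The delay value, addresses and traffic mix are constructed assumptions.

```python
# Added illustration: minimal greylisting keyed on the usual
# (client IP, envelope sender, recipient) triplet. All data is constructed.
from dataclasses import dataclass, field

MIN_DELAY = 300  # seconds before a retry of a new triplet is accepted (assumed)


@dataclass
class Greylist:
    first_seen: dict = field(default_factory=dict)  # triplet -> time first seen
    connections: int = 0       # every attempt still costs a connection
    bodies_accepted: int = 0   # only these reach DATA and the message body

    def check(self, now, client_ip, sender, rcpt):
        """Return the SMTP reply given at RCPT TO for this attempt."""
        self.connections += 1
        key = (client_ip, sender.lower(), rcpt.lower())
        seen = self.first_seen.setdefault(key, now)
        if now - seen < MIN_DELAY:
            return "450 4.7.1 Greylisted, try again later"
        self.bodies_accepted += 1
        return "250 2.1.5 Ok"


def constructed_traffic():
    """Constructed attempts as (time, ip, sender, rcpt) tuples, sorted by time."""
    rcpt = "victim@example.org"
    # 1000 senders that make one attempt each and never retry after a 4xx
    no_retry = [(t, f"10.0.{t // 250}.{t % 250 + 1}", f"x{t}@example.net", rcpt)
                for t in range(1000)]
    # a normal MTA that queues the message and retries after 15 minutes
    legit = [(10, "192.0.2.25", "alice@example.com", rcpt),
             (910, "192.0.2.25", "alice@example.com", rcpt)]
    # a bulk sender that does honour the 4xx and retries after the delay
    retrier = [(20, "203.0.113.7", "bulk@example.net", rcpt),
               (400, "203.0.113.7", "bulk@example.net", rcpt)]
    return sorted(no_retry + legit + retrier)


def simulate(attempts):
    """Run all attempts through one greylist; return it and the replies."""
    gl = Greylist()
    replies = [gl.check(*a) for a in attempts]
    return gl, replies


if __name__ == "__main__":
    gl, replies = simulate(constructed_traffic())
    print("connections handled :", gl.connections)
    print("bodies accepted     :", gl.bodies_accepted)
    print("triplets stored     :", len(gl.first_seen))
```

Message bodies drop to the two senders that retry, but the server still handles every connection and stores a table entry per new triplet, so greylisting alone does not relieve a connection-bound server.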



