nanog mailing list archives

Re: DDOS solution recommendation

From: Colin Johnston <colinj () mx5 org uk>
Date: Mon, 12 Jan 2015 08:48:28 +0000

On 12 Jan 2015, at 08:29, David Hofstee <david () mailplus nl> wrote:

Hi Mike, 

About trying to hit the mail ports... It is very easy for a domain to set its MX to a random host name. So before you 
block you might want to check the To-domain in the header of the mail. Otherwise it is too easy to DoS yourself (by 
planting email addresses in systems, such as mine, and then changing the MX of that domain to your hosts).



Should be overcome by good dont block range checker and header checks as above

Colin

Current thread:

Re: DDOS solution recommendation, (continued)
- - - Re: DDOS solution recommendation Roland Dobbins (Jan 12)
    - Re: DDOS solution recommendation Brandon Ross (Jan 13)
    - Re: DDOS solution recommendation Valdis . Kletnieks (Jan 12)
    - Re: DDOS solution recommendation Colin Johnston (Jan 12)
    - Re: DDOS solution recommendation Patrick W. Gilmore (Jan 11)
    - Re: DDOS solution recommendation Roland Dobbins (Jan 12)
    - Re: DDOS solution recommendation Owen DeLong (Jan 12)
    - Re: DDOS solution recommendation Roland Dobbins (Jan 11)
    - Re: DDOS solution recommendation Joel Maslak (Jan 11)
    - RE: DDOS solution recommendation David Hofstee (Jan 12)
    - Re: DDOS solution recommendation Colin Johnston (Jan 12)
  - Re: DDOS solution recommendation Ca By (Jan 11)
    - Re: DDOS solution recommendation Roland Dobbins (Jan 11)
    - Re: DDOS solution recommendation Ammar Zuberi (Jan 11)
    - Re: DDOS solution recommendation Dave Bell (Jan 11)
    - Re: DDOS solution recommendation Paul S. (Jan 11)
    - Re: DDOS solution recommendation Job Snijders (Jan 11)
    - Re: DDOS solution recommendation Roland Dobbins (Jan 11)
    - Re: DDOS solution recommendation Ca By (Jan 11)
    - Re: DDOS solution recommendation Tore Anderson (Jan 12)
    - Re: DDOS solution recommendation Roland Dobbins (Jan 12)

(Thread continues...)