On Wed, Nov 24, 1999 at 04:50:22PM +0000, Jeffrey Goldberg <J.Goldberg@Cranfield.ac.uk> wrote:
>
> Can't you simply get your mail administrator (and admins on friendly
> sites) to block mail from the nets originating the attacks. A DoS attack
> should be stopped at higher levels instead of trying to build things into
> majordomo, you should just stop all access to your network from such a
> site.
Well, yes and no. I've taken that route - when I see (or have brought to my
attention) one of these attacks going on, I slap an access rule into my MTA.
Voila, no more attack, just lots of bounce notices in my email.
The problem is that they change locations. In order to restrict by address,
you have to know the address, and they could be using any open relay on the
Internet. If you can restrict by behaviour, then it doesn't matter where
they are.
Personally, I'm still not going to build that sort of functionality into
Majordomo, but I can see the appeal, especially if you have access to the
Majordomo setup but not to the MTA setup.
Bryan
--
Bryan Fullerton http://www.samurai.com/
Core Competency
Samurai Consulting
Can you feel the Ohmu call?
References:
|
|
