DDOS solution recommendation

Colin Johnston colinj at mx5.org.uk
Mon Jan 12 08:48:28 UTC 2015

> On 12 Jan 2015, at 08:29, David Hofstee <david at mailplus.nl> wrote:
> Hi Mike, 
> About trying to hit the mail ports... It is very easy for a domain to set its MX to a random host name. So before you block you might want to check the To-domain in the header of the mail. Otherwise it is too easy to DoS yourself (by planting email addresses in systems, such as mine, and then changing the MX of that domain to your hosts).

Should be overcome by good dont block range checker and header checks as above


More information about the NANOG mailing list