[177297] in North American Network Operators' Group
Re: DDOS solution recommendation
daemon@ATHENA.MIT.EDU (Colin Johnston)
Mon Jan 12 03:48:38 2015
X-Original-To: nanog@nanog.org
From: Colin Johnston <colinj@mx5.org.uk>
X-Google-Original-From: Colin Johnston <colinj@gt86car.org.uk>
In-Reply-To: <78C35D6C1A82D243B830523B4193CF5F8D72815381@SBS1.blinker.local>
Date: Mon, 12 Jan 2015 08:48:28 +0000
To: David Hofstee <david@mailplus.nl>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
> On 12 Jan 2015, at 08:29, David Hofstee <david@mailplus.nl> wrote:
>=20
> Hi Mike,=20
>=20
> About trying to hit the mail ports... It is very easy for a domain to =
set its MX to a random host name. So before you block you might want to =
check the To-domain in the header of the mail. Otherwise it is too easy =
to DoS yourself (by planting email addresses in systems, such as mine, =
and then changing the MX of that domain to your hosts).
>=20
Should be overcome by good dont block range checker and header checks as =
above
Colin
