[99545] in North American Network Operators' Group
Re: DDoS Question
daemon@ATHENA.MIT.EDU (Roland Dobbins)
Thu Sep 27 20:40:09 2007
In-Reply-To: <20070927234947.GZ13807@mailchannels.com>
From: Roland Dobbins <rdobbins@cisco.com>
Date: Fri, 28 Sep 2007 07:28:03 +0700
To: nanog <nanog@merit.edu>
Errors-To: owner-nanog@merit.edu
On Sep 28, 2007, at 6:49 AM, Ken Simpson wrote:
> You might want to look at some kind of edge email
> traffic shaping layer.
So that 'Curtis Blackman' is the only one getting SMTP through to
Martin and his customers?
;>
Assuming nothing in the header which could be blocked by S/RTBH or
ACLs (or a QoS policy), some of the various DDoS scrubbers available
from different vendors may be able to deal with this via the
anomalous TCP rates associated with these streams of spam, and/or
regexp.
-----------------------------------------------------------------------
Roland Dobbins <rdobbins@cisco.com> // 408.527.6376 voice
I don't sound like nobody.
-- Elvis Presley
