> -----Original Message----- > From: Paul Griffith [mailto:[EMAIL PROTECTED] > Sent: Monday, September 10, 2007 12:48 PM > To: users@spamassassin.apache.org > Subject: Handling Spam Surges > > > Greetings, > > How do you handle Spam surges/DoS attacks? We just had a Spam > surge/DoS > and are looking at ways to better withstand (as best as we > can) another > surge
Handle it in the MTA. Best to block all unknown recipients at least. The rest of what to do in the MTA depends on what MTA you have. Once the MTA is finished with it then pass it to SA. If under attack, only thing you can do to help SA is disable network tests till its done. Visit the mailing list or FAQ's of the MTA you are using for more help on this. (example: smtp connection limiting, session tarpiting, even some firewall rules to limit concurrent connections might help) -- Michael Scheidell, CTO SECNAP Network Security Corporation Keep up to date with latest information on IT security: Real time security alerts: http://www.secnap.com/news _________________________________________________________________________ This email has been scanned and certified safe by SpammerTrap(tm). For Information please see http://www.spammertrap.com _________________________________________________________________________
