On Nov 19, 2007, at 9:24 AM, Joe Allesi -X (joallesi - Coyote Creek
Consulting at Cisco) wrote:
All,

Is anyone using iptables (recent module), or any other alternatives, to
throttle the number of new imap or pop connections per minute? We have
some applications that like to login every second to pull mail using
imap, so we'd like to protect the entire dovecot server from these
applications. We've already made the change over to high-perf mode, but
we still need some type of denial of service protection. Any real-world
data would be appreciated.

Yeah, I throttle initial connections per IP to something like 15 or
20. I started doing this after I got hit with a little more than 600
connections/second for a few minutes.
I use OpenBSD with pf.
Sean
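
Added example, not part of either message above: one way to build the per-IP throttle asked about with the iptables recent match, using a limit in the 15 to 20 range mentioned in the reply. The port list, the 60-second window, the MAILTHROTTLE chain name and the mailconn list name are assumptions to adjust for your own server.

```shell
#!/bin/sh
# Added example: throttle NEW IMAP/POP3 connections per source IP with the
# iptables "recent" match. LIMIT, WINDOW, PORTS and the chain/list names are
# assumptions to tune, not values taken from a real deployment.
IPT="${IPT:-iptables}"              # set IPT=echo to print the rules (dry run)
LIMIT="${LIMIT:-15}"                # attempts per WINDOW at which drops begin
WINDOW="${WINDOW:-60}"              # window length in seconds
PORTS="${PORTS:-110,143,993,995}"   # POP3, IMAP, IMAPS, POP3S
CHAIN="MAILTHROTTLE"

check_limit() {
    # xt_recent remembers ip_pkt_list_tot timestamps per address (default 20);
    # a --hitcount above that is rejected when the rule is loaded.
    [ "$LIMIT" -ge 1 ] && [ "$LIMIT" -le 20 ]
}

build_rules() {
    check_limit || {
        echo "LIMIT must be 1..20 unless ip_pkt_list_tot is raised" >&2
        return 1
    }
    $IPT -N "$CHAIN"
    # Record this connection attempt against its source address.
    $IPT -A "$CHAIN" -m recent --name mailconn --set
    # Drop once the source has made LIMIT attempts in the last WINDOW seconds
    # (this one included). --update refreshes the entry on a match, so a
    # client that keeps retrying stays blocked until it backs off.
    $IPT -A "$CHAIN" -m recent --name mailconn --update \
        --seconds "$WINDOW" --hitcount "$LIMIT" -j DROP
    # Only new TCP connections to the mail ports enter the chain; established
    # sessions are untouched, and packets that are not dropped return to INPUT
    # for the existing accept rules.
    $IPT -A INPUT -p tcp -m multiport --dports "$PORTS" \
        -m conntrack --ctstate NEW -j "$CHAIN"
}

# Run as root with the argument "apply" to install the rules.
if [ "${1:-}" = "apply" ]; then
    build_rules
fi
```

Run it first with IPT=echo to review the generated rules before applying them. On pf, the comparable control is the max-src-conn-rate state option combined with an overload table.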