On Nov 19, 2007, at 9:24 AM, Joe Allesi -X (joallesi - Coyote Creek
Consulting at Cisco) wrote:
All,

Is anyone using iptables (recent module), or any other alternatives, to throttle the number of new imap or pop connections per minute? We have some applications that like to log in every second to pull mail using imap, so we'd like to protect the entire dovecot server from these applications. We've already made the change over to high-perf mode, but we still need some type of denial of service protection. Any real-world data would be appreciated.

Yeah, I throttle initial connections per IP to something like 15 or
20. I started doing this after I got hit with a little more than 600
connections/second for a few minutes.
I use OpenBSD with pf.
Sean
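
A pf.conf sketch of the per-source throttling described in the reply above, added here as an example and not taken from Sean's ruleset. The interface macro, table name, port list and the window of 20 new connections per 60 seconds are assumptions; the post gives only "15 or 20" with no interval.

```pf
# Added example: per-source-IP throttling of new IMAP/POP connections.
# All names and numbers below are assumptions, not values from the thread.

ext_if     = "em0"                      # assumed external interface
mail_ports = "{ 110, 143, 993, 995 }"   # POP3, IMAP and their TLS ports

# Sources that exceed the limits are added here by the overload action.
table <mail_throttle> persist

# Drop traffic from offending sources before any pass rule is evaluated.
block in quick on $ext_if proto tcp from <mail_throttle> to any port $mail_ports

# Allow mail clients, tracking state per source address:
#   max-src-conn       simultaneous established connections per source
#   max-src-conn-rate  new connections per source per interval (count/seconds)
#   overload           put the offending source into the table
#   flush global       kill that source's existing states on every rule
pass in on $ext_if proto tcp from any to any port $mail_ports \
    flags S/SA keep state \
    (max-src-conn 20, max-src-conn-rate 20/60, \
     overload <mail_throttle> flush global)

# Entries stay in the table until removed. To age them out, run from cron:
#   pfctl -t mail_throttle -T expire 600
```

These limits are counted only for TCP connections that have completed the three-way handshake, so they throttle real clients that reconnect too often rather than spoofed SYN traffic. Clients behind a shared NAT address count as one source, which matters when choosing the numbers.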