All kinds of Denial-of-service attacks are the TCP/IP protocol stack of the target, which is not a very special way to use it, and its purpose is to disable the server and work. This kind of attack can be easily successful because the first time the IP protocol was established, the main purpose was to provide the most efficient service, but did not take into account the source of the packet's powerful validation mechanism. This flaw leads to the fatal consequences of a Dos attack.
What would you do if your mail server were attacked?
Before the release of Sendmail8.10.0, it was a very annoying thing. Now it's different, with Sendmail8.10.0, you can simply configure a few parameters below, your mail server's ability to resist denial of service attack greatly improved. Recommended values apply to small and medium mail servers.
1. Free block number with minimum configuration
Configuration parameters: Minfreeblocks
Parameter description: The minimum number of free blocks in a queue that the file system uses to accept standard SMTP (Simple Mail Transfer Protocol) messages.
The smaller the more likely to be attacked deadly.
Default value: 100
Recommended value: 4000 or greater
2. Maximum message size
Configuration parameters: MaxMessageSize
Parameter description: The maximum size of each message, in bits (bytes). The bigger the attack, the more likely it is to be deadly.
Default value: No Limit
Recommended value: 5M
3. Automatically recreate aliases
Configuration parameters: Autorebuildaliases
Parameter description: Automatically recreate all aliases when needed. If set to true, this is a potential crisis that can cause a denial of service attack.
Default value: False
Recommended value: False
4. Queue Average Load
Configuration parameters: Queuela
Parameter description: The average load at a single queue. According to the number of CPUs properly set (8*cpu quantity)
Default value: Variable
Recommended value: 10*cpu quantity
5. Average load rejection critical point
Configuration parameters: Refusela
Parameter description: Once the average load exceeds this critical point, all incoming SMTP connections are rejected.
Default value: Variable
Recommended value: 8*cpu quantity
6. Number of child processes for the maximum daemon process
Configuration parameters: Maxdaemonchildren
Parameter description: The maximum number of child processes allowed to fork. When this number is exceeded, the connection is rejected. If the set value is less than or equal to zero, it means no limit.
Default value: Not Defined
Recommended value: Set according to memory size. (for example, 128M memory recommended value is 40)
7. Maximum header length
Configuration parameters: Maxheaderslength
Parameter description: Maximum total length of all headers
Default value: Not set
Recommended value: 32 or 64K
8. Maximum MIME encoded message length
Mime,multipurpose Internet Mail Extension Protocol, Multipurpose Internet Messaging Extensions Protocol
Configuration parameters: Maxmimeheaderlength
Parameter description: The maximum message length after MIME encoding
Default value: Not Defined
Recommended value: 1024 or smaller
9. Maximum number of recipients per email
Configuration parameters: Maxrecipientspermessage
Parameter description: If set, each message can be copied to the specified number of addressee at the same time. Exceeding this number returns an error code of 452. That is, in a message queue, it is sent indefinitely.
Default value: Not set
Recommended value: 10-100
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
