Top Nav

Mitigate Exim Random Data DDOS

Used the following to mitigate a denial of service against a customer on Cpanel with Exim. The attack consists of connections to port 25, where they send binary garbage rather than SMTP protocol. It ends up filling the exim logs with binary junk, and otherwise wasting resources. 

This is taken from

1) Add the following lines in the middle of /etc/csf/

Some variation may be needed, depending on the exact format of the log entries. See the notes in the source URL above for more details on that.

2) Modify /etc/csf/csf.conf, change these settings:

3) Apply the changes:

4) Activity can be monitored with this command: