Catch All Server - Null MX Setup
Kevin Darcy
kcd at daimlerchrysler.com
Fri Sep 30 23:57:53 UTC 2005
WiNNie wrote:
>The Name Servers are being used for a domain parking program, there is
>no email, so MX is of no use. My dedicated Name Servers are currently
>trying to cope with a throughput of 200-300k of data per second
>primarily on MX and AAAA record lookups, they are never followed up by
>an email or a visit to the relevant domain. It is basically an attack
>of some sort, so by shutting off the MX lookups I should be able to
>reduce the throughput, the AAAA lookups are a different case though as
>I can't simply shut them off.
>
Well, if they're not actually using the results of MX records for mail,
and they're basically just attacking you, how does it help to give them
bogus results? If it's a relatively small number of clients or client
ranges that are doing this, you could block the queries with
allow-query, which can be specified at a zone level, and will save you a
little bandwidth since REFUSED packets are smaller than data-bearing
packets, or if you want to just snub them for everything, use blackhole,
which nixes all return traffic and saves you a bunchload of bandwidth...
- Kevin
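
An added example, not part of the message above or of BIND itself: a Python script that checks whether the MX/AAAA load comes from a small number of client ranges and, if it does, renders the `acl`, `blackhole` and `allow-query` statements the reply mentions. The log lines are constructed, and the query-log line format, the threshold and the ACL name `noisy-clients` are assumptions.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample lines in the style of BIND's query log (format is an assumption).
SAMPLE_LOG = """\
30-Sep-2005 23:50:01.101 client 192.0.2.10#32768: query: parked-one.example IN MX +
30-Sep-2005 23:50:01.140 client 192.0.2.77#32770: query: parked-two.example IN AAAA +
30-Sep-2005 23:50:01.190 client 192.0.2.10#32771: query: parked-two.example IN MX +
30-Sep-2005 23:50:02.003 client 198.51.100.5#4097: query: parked-one.example IN A +
30-Sep-2005 23:50:02.250 client 192.0.2.200#32790: query: parked-one.example IN AAAA +
30-Sep-2005 23:50:03.011 client 203.0.113.9#1055: query: parked-one.example IN MX +
"""

# Captures the client address and the query type; tolerates an optional "@0x..." token.
QUERY_RE = re.compile(r"client (?:@\S+ )?([0-9A-Fa-f.:]+)#\d+.*?: query: \S+ IN (\S+)")

def noisy_ranges(log_text, qtypes=("MX", "AAAA"), threshold=3, v4_prefix=24):
    """Count queries of the given types per client range; return ranges at or above threshold."""
    counts = Counter()
    for line in log_text.splitlines():
        m = QUERY_RE.search(line)
        if not m or m.group(2) not in qtypes:
            continue
        addr = ipaddress.ip_address(m.group(1))
        prefix = v4_prefix if addr.version == 4 else 64
        counts[ipaddress.ip_network(f"{addr}/{prefix}", strict=False)] += 1
    return sorted((net for net, n in counts.items() if n >= threshold), key=str)

def named_conf_fragment(ranges, acl_name="noisy-clients"):
    """Render an acl plus the two choices from the reply: blackhole (global) or allow-query (per zone)."""
    members = "".join(f"    {net};\n" for net in ranges)
    return (
        f'acl "{acl_name}" {{\n{members}}};\n'
        "// merge into the existing options block: no reply is sent at all\n"
        f'options {{ blackhole {{ "{acl_name}"; }}; }};\n'
        "// alternative, inside a zone statement: listed clients get REFUSED\n"
        f'// allow-query {{ !"{acl_name}"; any; }};\n'
    )

if __name__ == "__main__":
    print(named_conf_fragment(noisy_ranges(SAMPLE_LOG)))
```

Source addresses on UDP queries can be spoofed, so review the ranges the script reports before loading the fragment.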
More information about the bind-users mailing list