Exceeding recursive client limit
brad at stop.mail-abuse.org
Mon Jun 13 22:16:41 UTC 2005
At 2:52 PM -0400 2005-06-13, Rich Parkin wrote:
> The offending IP is requesting the same domains over and over and over. I =
> assume that our customer has an infected host that's making these requests =
> and they're just merrily forwarding them all my way. Does anyone have any =
> strategies for dealing with this? Or am I just hosed and need to deny =
> requests from the customer causing the issue?
Firewall off that IP address, and don't allow them to go anywhere
-- not on your internal network, not to the outside world. When
someone calls up and complains, tell them that they have to fix that
machine. Inform them that the next time their machine goes whacko,
you will charge them for each and every packet that they generate.
Even if it's just a penny per packet, that could be a lot of money,
and they'll be likely to pay better attention to their machines.
But your first responsibility is to protect your machines and
your network against excessive abuse, both from the outside world as
well as from your own customers.
Brad Knowles, <brad at stop.mail-abuse.org>
"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."
-- Benjamin Franklin (1706-1790), reply of the Pennsylvania
Assembly to the Governor, November 11, 1755
SAGE member since 1995. See <http://www.sage.org/> for more info.
More information about the bind-users