Subj : Blocked IP's
To   : MARK LEWIS
From : Daryl Stout
Date : Wed Jul 08 2015 05:39 pm

Mark,

ML>the thing i never liked about doing that is that it leaves the server to dea
ML>with the rejections instead of serving answers to requests... one can be DDo
ML>by simply having rafts and rats of blocked IPs hitting all at once for a
ML>sustained period... i prefer a dedicated protection system for that purpose.
ML>then there's the thing about dynamic IPs being in the block lists... most of
ML>those are from compromised machines that get cleaned up and/or get a new IP.
ML>when that happens, the old blocked IP is taking up room and shouldn't be in
ML>list any more since it is no longer dangerous...

 With VADV32, it has a cached IP list, and if an IP is in there, the
connection is refused. After a certain period of time, that entry is
cleared. I have had several attempted connects from the same IP nearly
simultaneously.

 With VSMTP32 (VADV32's email client), the only IP I allow is the one
from my mail server (DuoCircle, formerly DYNDNS). With their VIP account
for my domain (wx1der.dyndns.org), and the basic email deal (used mainly
for the new user verification), I pay around $10 a month.

Daryl

---


--- Virtual Advanced Ver 2 for DOS
* Origin: The Thunderbolt BBS (1:19/33)