Mail Server Connection Requests

We have a client with a dedicated IP on the server. This IP is being flooded with SMTP connection requests. I did a quick check and it looks like the IP is getting flooded at a rate of 7.7 connections per second. Because the user has a dedicated IP, all e-mail that is sent to his domain is sent to the server using that dedicated IP. This allows me to use APF to block incoming connections on port 25 to that address. This is what I currently have set up, but this means that the user is not receiving any e-mail.

I cannot remove the block or else the SMTP connection limit is hit almost instantly and nobody on the server is able to receive e-mail. It also runs the server load up with the multiple exim processes that are spawned.

My question is, is there a specific service that would be able to handle this type of traffic? I could then change the domain's MX records to use this server for e-mail.

Please keep in mind that the account's default box is set up to :fail: (this is a cPanel server). But the problem isn't due to this; it's just the sheer amount of connections coming into the SMTP server. I have tried blocking just specific IPs, but there really does not appear to be any pattern that suggests a central location where all of these requests are coming from. Also please note that the 7.7 connections per second is a constant. I have tried leaving the block off for 5 to 10 minutes, but it never seems to decrease (although I have not taken specific measurements during those time periods).

I do not know if there are any mail-server-specific server providers that I might recommend the client to. I don't really think there are any exim-specific directives I could change, but if you have any suggestions there, I will listen. I really believe the only options are to continue blocking the user's mail or offload the mail for this domain to another server that is better equipped to handle this amount of traffic.

Thanks
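An added example, not part of the original post: one way to take the measurements the post mentions, giving the connection rate to the dedicated IP and how concentrated the sources are. It assumes Exim's main log is written with `log_selector = +smtp_connection +incoming_interface` so each connection line carries `I=[local IP]:port`; the function name, sample lines and addresses are constructed for illustration.

```python
import re
from collections import Counter
from datetime import datetime

# Assumed line shape (needs +smtp_connection and +incoming_interface):
# "<date> <time> SMTP connection from [src]:port I=[local]:25 (TCP/IP connection count = N)"
LINE = re.compile(
    r"^(\d{4}-\d\d-\d\d \d\d:\d\d:\d\d) SMTP connection from "
    r".*?\[([0-9a-fA-F.:]+)\](?::\d+)? I=\[([0-9a-fA-F.:]+)\]:(\d+) "
    r"\(TCP/IP connection count"
)

def summarize(lines, local_ip, port=25):
    """Rate and source spread of new SMTP connections to one local IP."""
    times, sources = [], Counter()
    for line in lines:
        m = LINE.match(line)
        # Skip other local IPs/ports and "lost"/"closed" lines (not new connections).
        if not m or m.group(3) != local_ip or int(m.group(4)) != port:
            continue
        times.append(datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S"))
        sources[m.group(2)] += 1
    total = len(times)
    if total == 0:
        return {"connections": 0, "rate_per_sec": 0.0,
                "unique_sources": 0, "top_source_share": 0.0}
    span = max((max(times) - min(times)).total_seconds(), 1.0)  # avoid /0
    return {
        "connections": total,
        "rate_per_sec": round(total / span, 2),
        "unique_sources": len(sources),
        # A low share means no single address dominates, so per-IP blocks won't help.
        "top_source_share": round(sources.most_common(1)[0][1] / total, 2),
    }

# Constructed sample log lines (documentation address ranges).
SAMPLE = [
    "2024-01-01 00:00:00 SMTP connection from [203.0.113.1]:40001 I=[198.51.100.10]:25 (TCP/IP connection count = 1)",
    "2024-01-01 00:00:00 SMTP connection from [203.0.113.2]:40002 I=[198.51.100.10]:25 (TCP/IP connection count = 2)",
    "2024-01-01 00:00:01 SMTP connection from [192.0.2.7]:40003 I=[198.51.100.10]:25 (TCP/IP connection count = 3)",
    "2024-01-01 00:00:01 SMTP connection from [192.0.2.8]:40004 I=[198.51.100.11]:25 (TCP/IP connection count = 4)",
    "2024-01-01 00:00:02 SMTP connection from [203.0.113.1]:40005 I=[198.51.100.10]:25 lost D=1s",
    "2024-01-01 00:00:02 SMTP connection from h.example (x) [192.0.2.9]:40006 I=[198.51.100.10]:25 (TCP/IP connection count = 4)",
    "2024-01-01 00:00:04 SMTP connection from [203.0.113.1]:40007 I=[198.51.100.10]:25 (TCP/IP connection count = 5)",
]

if __name__ == "__main__":
    print(summarize(SAMPLE, "198.51.100.10"))
```

On a live server, pass the open log file instead of `SAMPLE`, for example `summarize(open(path), dedicated_ip)`, where both arguments are values for your own system.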
