May 6th, 2005

dotat

Flood protection

I've just written a proposal for implementing rate limits on outgoing email via ppswitch (our central email relay). The aim is to detect and stop floods of viruses or spam from a compromised machine on the University's network.

The document includes a description of the simple mathematical model I'm planning to use to compute a client's sending rate. It seems to satisfy my requirements but if anyone has any better ideas then I'm all ears.

http://www.cus.cam.ac.uk/~fanf2/hermes/doc/antiforgery/ratelimit.html