https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6048
--- Comment #27 from Dallas Engelken <[email protected]> 2009-01-22 12:40:11 PST --- (In reply to comment #26) > Dallas, > > (In reply to comment #25) > > I've asked Prolexic this in the past and they say they cant do it as the > > ACLs > > apply globablly, and it would be static entries and a named reload anyhow, > > so > > no way for us to manage or automate that flow. > > I don't understand how they could NOT provide ACLs that work on a > source/destination combination. My understanding of most firewalls and packet > filters allows for source, destination, or the pair along with additional > parameters like port, protocol, sex, etc. to be blended into packet filter > rules. Given you choose this data centre host for their abilities to prevent > DDoS, which should include sufficient means to block source/destination pairs > on demand of the client (or provide a client interface), they should be able > to > provide service at their gateways. > > From what I understand here, the level of uribl.com's service with their > provider is insufficient to uribl.com's function. And surely they know what > you > are doing such that they should be able to help aid you in DDoS issues and > high > volume disputes through some form of ACL or automated firewall rule creation. > > To me it sounds like your data centre is not capable or unwilling to provide > the level of service required to allow custom(er) rules. > I'll be the last to throw Prolexic under the bus, seeing that when we were getting drilled by several 400+ mbit/s ddos last year they stepped up to help us for free. So I suppose, "You get what you pay for", right? -- Configure bugmail: https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug.
