Forgot the Chain, depends on how you're using your MT Device. chain=forward does what you need.
Depends on what kind of DDoS you're receiving, your Question sounds like UDP Port 53
chain=forward dst-port=53 protocol=udp action=drop in-interface=etherx
Should to the Job, if you have the /ip service nameserver running. If you're getting hitted by this kind of DDoS its a bit harder because your Bandwith not fits the job do this:
chain=forward src-port=53 protocol=udp action=drop in-interface=etherx src-address=!126.96.36.199
So you can still use the Google DNS 188.8.131.52.