6 Apr
2011
6 Apr
'11
11:49 a.m.
I look after the infrastructure for a local charity, who run their own
mail server over a VDSL line here in Christchurch. For the last 3 hours
or so, the mail server is being ddosed... the incoming mail is being
spoofed to have come from a local ip address ( not the firewall! )
afaict.
All I've got is a dd-wrt based firewall into which I've blocked about
1,000 IP addresses via iptables - but doing that in a hurry, you don't
know which ones are valid. And it's not helping.
Any suggestions apart from forward 25 to /dev/null and hope they go
away??
Cheers,
Steve
--
Steve Holdoway BSc(Hons) MNZCS