6 Apr
2011
6 Apr
'11
11:49 a.m.
I look after the infrastructure for a local charity, who run their own mail server over a VDSL line here in Christchurch. For the last 3 hours or so, the mail server is being ddosed... the incoming mail is being spoofed to have come from a local ip address ( not the firewall! ) afaict. All I've got is a dd-wrt based firewall into which I've blocked about 1,000 IP addresses via iptables - but doing that in a hurry, you don't know which ones are valid. And it's not helping. Any suggestions apart from forward 25 to /dev/null and hope they go away?? Cheers, Steve -- Steve Holdoway BSc(Hons) MNZCS <steve(a)greengecko.co.nz> http://www.greengecko.co.nz MSN: steve(a)greengecko.co.nz Skype: sholdowa