[c-nsp] Mial bomb mitigation
Brian Turnbow
b.turnbow at twt.it
Wed Jun 15 10:16:35 EDT 2005
Hello everyone,
I have a customer currently under a mail bomb attack he's recieving
1,000s of messages a second from 1000s of diffent IP addresses with a
constantly changing message and subject. The server is behind a pix but,
allowing all connections thru blocks the server, and if I create a
connection limit in the nat statement on the pix I can save the server
but everything that arrives is just junk and 90% of good mail can't get
thru anyway.The customers antispam is of no use as after 5 minutes he
has esceeded his hourly limit and it disables itself.
Anyone have any ideas for possible solutions?
Thanks
Brian
More information about the cisco-nsp
mailing list