A brief update on our Mailman attack.
After analyzing the attack pattern, I've added a new long-term measure
into Mailman that is preventing these botnet subscription attempts
from being honored (whilst still allowing humans to subscribe).
I then turned my attention to Cloudflare. After some
All -
A global attack is underway against the IETF's Mailman instance (and
possibly others around the world, I cannot say.) This is a
distributed attack, targeting list subscriptions. Subscription
requests are coming through the website at a rate of 10-15 per second.
All lists are impacted.