Hi,

This might not be the right place to ask for this help, but since I am under a spam-based attack, I figured the collective group might be able to help out or have defended against such nonsense.

My mail server is a Linux machine running RH9. It has been getting wailed on by Rumpelstiltskin attacks for weeks now. I have modded my sendmail.cf pretty heavily to help fight against it with various RBLs and BAD RCPT throttles. However, my friends who are acting as my secondary mail spoolers are getting flattened by the volume of the attack, since I suspect that it might actually be attempting to attack and relay through the secondary MX records besides hitting the primary MX record.

I have spent hours googling around to look for solutions, even a solution that would use iptables and simply drop the inbound SMTP connections for, say, 24 hours if it triggers a throttle or a 550 response in sendmail.

How can I determine the root of all of this? How can I keep the secondaries from getting pummeled?

Thanks for any help. I'll post a summary of all the things I have done so far, as well as your answers.

Mike
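The log-triggered block the post asks about, sketched as an added example that is not part of the original message: it correlates sendmail log entries by queue ID, flags clients that were throttled or collected several "User unknown" rejections, and pairs each iptables DROP rule with its removal rule and a 24-hour expiry. The log lines are constructed, and the log layout, the threshold of three and the function names are assumptions.

```python
import re
from collections import Counter

# Constructed sample lines in the usual sendmail syslog layout (assumed format).
SAMPLE_LOG = """\
Oct  3 12:01:02 mail sendmail[2101]: h93J12ab002101: <aaron@example.org>... User unknown
Oct  3 12:01:02 mail sendmail[2101]: h93J12ab002101: <abby@example.org>... User unknown
Oct  3 12:01:03 mail sendmail[2101]: h93J12ab002101: <adam@example.org>... User unknown
Oct  3 12:01:03 mail sendmail[2101]: h93J12ab002101: [192.0.2.77]: Possible SMTP RCPT flood, throttling.
Oct  3 12:01:09 mail sendmail[2101]: h93J12ab002101: from=<x@example.net>, size=0, class=0, nrcpts=0, proto=SMTP, daemon=MTA, relay=[192.0.2.77]
Oct  3 12:02:10 mail sendmail[2140]: h93J2Acd002140: <typo@example.org>... User unknown
Oct  3 12:02:11 mail sendmail[2140]: h93J2Acd002140: from=<bob@example.com>, size=0, class=0, nrcpts=0, proto=SMTP, daemon=MTA, relay=mx.example.com [198.51.100.5]
"""

QID = re.compile(r"sendmail\[\d+\]: (\w+): (.*)")
RELAY_IP = re.compile(r"relay=.*?\[(\d+\.\d+\.\d+\.\d+)\]")
FLOOD_IP = re.compile(r"\[(\d+\.\d+\.\d+\.\d+)\]: Possible SMTP RCPT flood")

def offenders(log, max_bad_rcpts=3):
    """Return sorted client IPs that were throttled or hit the bad-recipient limit."""
    bad, ip_of, flagged = Counter(), {}, set()
    for line in log.splitlines():
        m = QID.search(line)
        if not m:
            continue
        qid, rest = m.groups()
        if rest.endswith("User unknown"):
            bad[qid] += 1          # one rejected RCPT in this SMTP session
        flood = FLOOD_IP.search(rest)
        if flood:
            ip_of[qid] = flood.group(1)
            flagged.add(qid)       # sendmail's own bad-recipient throttle fired
        relay = RELAY_IP.search(rest)
        if relay:
            ip_of[qid] = relay.group(1)
    hits = {q for q, n in bad.items() if n >= max_bad_rcpts} | flagged
    return sorted({ip_of[q] for q in hits if q in ip_of})

def ban_rules(ips, now, hours=24):
    """Pair each insert rule with the matching delete rule and its expiry time."""
    spec = "INPUT -s {} -p tcp --dport 25 -j DROP"
    return [("iptables -I " + spec.format(ip), "iptables -D " + spec.format(ip),
             now + hours * 3600) for ip in ips]

if __name__ == "__main__":
    for add, remove, expires in ban_rules(offenders(SAMPLE_LOG), now=0):
        print(add, "# remove at epoch", expires, "with:", remove)
```

A single mistyped address from a legitimate relay stays under the threshold here, and the same script could run on the secondary MX hosts against their own logs.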
