This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SMTP Attacks - RBL/DNAT Blackhole

We are getting a huge SMTP attack from a number of IPs. I've gone ahead and created a DNAT rule that sends them to a blackhole address, but I'm not understanding why exim is still receiving the TCP connection, if I have everything set correctly. Shouldn't the NAT rule precede the proxy connection, according to the Rulz?



This thread was automatically locked due to age.