We are getting a huge SMTP attack from a number of IPs. I've gone ahead and created a DNAT rule that sends them to a blackhole address, but I'm not understanding why exim is still receiving the TCP connection, if I have everything set correctly. Shouldn't the NAT rule precede the proxy connection, according to the Rulz?
This thread was automatically locked due to age.
