i have a netscreen 208 that I am trying to configure to drop all email coming to user x(having a problem with a smtp DDoS)
I have set up a custom attack with SMTP-header-to = user@domain\.com
have added it to a custom attack group, and turned on DI for the 2 policies going to the spam appliances.
Action Brute Force Attack Action Target Timeout
drop block zone 60
it is finding one every few seconds, however over 70 a minute are getting through to each server(and it has enough hitting it that the server is ignoring most requests)
any idea what I'm doing wrong?
bbbintn
I have set up a custom attack with SMTP-header-to = user@domain\.com
have added it to a custom attack group, and turned on DI for the 2 policies going to the spam appliances.
Action Brute Force Attack Action Target Timeout
drop block zone 60
it is finding one every few seconds, however over 70 a minute are getting through to each server(and it has enough hitting it that the server is ignoring most requests)
any idea what I'm doing wrong?
bbbintn