All - A global attack is underway against the IETF's Mailman instance (and possibly others around the world, I cannot say.) This is a distributed attack, targeting list subscriptions. Subscription requests are coming through the website at a rate of 10-15 per second. All lists are impacted. All previous countermeasures put in place for prior attacks appear to be... no longer effective. Cloudflare's detection and mitigation systems, and even their manual "under attack" mode have all been ineffective in reducing the volume or speed of the requests, although all of the requests are coming through Cloudflare. In addition to the obvious flooding of list moderation queues, the other side-effect of this is that the IETF is originating tens of thousands of subscribe requests to various external addresses. For this reason, I have temporarily disabled the Mailman web subscription screen, and am working on new countermeasures to try to halt this flood. Only the ability to subscribe to lists has been impacted here, lists themselves are still up and working. As soon as subscription service can be restored, it will be. In the meantime, if you have immediate subscription needs, please contact the list administrator show on each list's info page, and they will assist you as soon as they are able. Thank you for your patience. Glen -- Glen Barney IT Director AMS (IETF Secretariat)
