Is anyone else getting hundreds of emails a night via Pressbooks contact submission forms from sample@email.tst and testing@example.com? Last night, they sent over 300 requests between 10:41-11:50 pm PDT. They’ve been sending similar messages to a colleague’s LibCal calendaring system.
We suspect these are hackers trying to regain access to our U of A Pressbooks network. We had a hacking issue several years back (they were registering as a U of A student to get a NetID and register for Pressbooks). We switched to mediated Pressbooks signups, which seems to be effectively thwarting their access. I added example.com and email.tst to our list of Banned Email Domains in Settings, but is there any way to block a specific email domain from even submitting a contact form? It’s annoying to wake up to 300+ emails from the same sender.