Around 9:45 PM Eastern we started to receive alerts from our monitoring software about queue sizes and delivery speed in ExchangeDefender. Upon investigation, three ExchangeDefender nodes were being DDoS SMTP attacked. unfortunately, our servers were able to keep up with the number of open connections and corrupted messages, that it began to clog up delivery across the board.
There may have been some limited delays in email delivery for any messages that were in-scanning when the DDoS started.
The attack has been thwarted and we are currently implementing the blocks across the entire node grid.