On Wed, Feb 24, 2010 at 8:21 AM, Rich Kulawiec <r...@gsp.org> wrote: > On Sun, Feb 21, 2010 at 10:59:08PM -0600, James Hess wrote: >> But if the origin domain has not provided SPF records, there are some >> unusual cases left open, where a bounce to a potentially fake address >> may still be required. > > Nothing stops an > attacker from using a throwaway domain to send traffic to known > backscatterers, who will then backscatter it to $throwawaydomain, > whose MX's are set to $victim's MX's.
So? You, I and everyone else these days are no longer running open relays. You don't host $throwawaydomain so the session will end at the rcpt command. If someone merely wants to DDOS your server there are far easier ways. Regards, Bill Herrin > it's never appropriate to respond > to abuse with abuse. > > ---Rsk > > -- William D. Herrin ................ her...@dirtside.com b...@herrin.us 3005 Crane Dr. ...................... Web: <http://bill.herrin.us/> Falls Church, VA 22042-3004
