see, *this* is why google needs to WAKE UP and start putting real
headers in their gmail spew.
_H*
We've got plenty of military toyz we could level at Redmond...
_H*
I've been blackholing NANOG mail for a while due to other things
displacing the time I'd need to read it, so I might be a little out
of touch on this, but I did grovel through some of the archives
looking for any discussion on this before posting. Didn't find a
really coherent answer yet.
What I'
Wow, lots of responses already. Thanks, good discussion.
I should clarify a little, that it's not necessarily about "blanket"
port blocking or denying "random" ports as threats are perceived,
but where needed in a well thought-out manner and trying to take
customer needs [stated or observed] into
In my mind, a suite of practices to keep one's garbage contained and
not all over the neighbor's lawn is a good thing and covers many
bases. RPF/BCP38 seems to be the IP level equivalent of blocking
ingress SMTP and forcing delivery through outbound-only servers that
check the claimed envelope and
This once again quickly reduces to a question of real-life need in
my mind. What proportion of useful traffic actually carries IP
options these days? Who uses them other than fooling around with
the occasional source-routing or RR exercise, if their local
infrastructure even permits it to be sent
I am completely convinced that abuse@ in most big providers is a
black hole with an autoresponder hung off it, and nothing ever
gets done with complaints. NO HUMAN ever sees them, and even if
they did, most of the humans at these outfits wouldn't recognize
a Received: header if it bit them in the
> How do you alert mail server operators who are smarthosting their
> e-mail through you that their outbound messages contain spam?
You don't let them falsify their envelope or headers to contain
fields utterly unrelated to your own infrastructure, for starters.
They try it, their mail bounc
So in cases like this where the community appears to agree that there's
a consistently bad apple, what's preventing everyone from simply
nullrouting the netblocks in question and imposing the death penalty?
Sorry if this seems naive, but if no legitimate purpose is shown it
seems like the obvious
you expect them to apply a null route?
Well, I *have* been talking somewhat idealistically here and
there with this crop of questions, but frankly I thought in the
2 or 3 years I was ignoring the list that the NETWORK OPERATORS
ostensibly in custody of the intertubes would have pulled things
to
While it's good to see some community effort going toward slapping
a lid on misbehaving sources, how about a little consistency in
the bigger picture?
Consider this sort of scenario: An ISP allows its infrastructure
to emit spam and host compromised machines to harbor malware and
facilitate crime
11 matches