Magnus Holmgren wrote:
OK, the attacker might have 100 zombies on different ISPs, with each ISP's smarthost helping amplify the attack a bit. But does that really count? The servers making the callouts aren't the ones which are amplifying.
You really don't have to deal with spam at your day job, do you? 100? 100? What is this, 1991?
Modern trojan systems run in the multi-thousand PER ISP. Then there are roughly half a million open relays in China and Korea alone.
Finding places to submit mail spam for you is trivial if all you have to do is get to RCPT TO, not get it delivered.
So with your army of bot-machines and open relays, you start delivering all over the planet with a single forged envelope sender.
Yes, it isn't a problem today. But if everyone turned on sender authentication, it would be. Instantly.
-- Jo Rhett Network/Software Engineer Net Consonance
