nanog mailing list archives
Re: An end to spam through Graphnet
From: DAVE NORDLUND <nordlund () ccstaff cc ukans edu>
Date: Mon, 4 Aug 1997 12:41:09 CST-600
Date: Fri, 01 Aug 1997 14:32:34 -0700 (PDT) From: Geoff White <geoffw () precipice v-site net> Subject: Re: An end to spam through Graphnet To: Dana Hudes <dhudes () graphnet com> Cc: nanog () merit edu
On Fri, 1 Aug 1997, Dana Hudes wrote:Hi folks, Some time back before the latest round of cable cuts and BIND arguments you may recall that I notified everyone that Graphnet was being abused to transit spam. An ugly mess -- between the bounces and the flood of 'remove' fromyeah, I got hit the other day.We have put an end to this madness on our systems by building and configuring the very latest Sendmail v8 and BIND 4.9.6 (attempts to use v8 failed for being too Berkley, on a Solaris 2.x system -- but don't start arguing that here please) in combination with filters on our gateway router. Load has dropped way down on our sparc20, and hopefully the spammers will go play with someone else instead of futilely occupying bandwidth on our circuits . Let this be an object lesson to those of you out there who have yet to upgrade: the spammers will find you sooner or later. They walk down every A record in every zone until they find a victim. They look in public databases like RIPE to see what mailboxes are registered for the zone and they use those names to try to get past your sendmail filters and launch spam in your name (doesn't work on us, I thought of that trick). So go forth to www.isc.org and www.sendmail.org and compile.Can anyone elaborate a little more on the "one true" set of procedures that one should take to prevent spammers from abusing ones resources. The current problem that I have is valid customers who are "on the road" and want to sendmail through my SMTP server when they dial into att or netcom, before their eudora's used to point their SMTP server at me, that ain't happenin' after my spam attach so is there some work around that they can use?
Just get your customers to use an Email client that knows how to use MX records and does not need a "forwarder"! Frontier Technologies sells the Super TCP/NFS suite with an Email client that works just fine. It even has internal IDs and Passwords so that more than one person (or you if you have to look like more than one person) can use the same machine. www.frontiertech.com
Dave Nordlund d-nordlund () ukans edu University of Kansas 913/864-0450 Computing Services FAX 913/864-0485 Lawrence, KS 66045 KANREN
Current thread:
- Re: An end to spam through Graphnet, (continued)
- Re: An end to spam through Graphnet Geoff White (Aug 02)
- Re: An end to spam through Graphnet Matthew White (Aug 02)
- Re: An end to spam through Graphnet Greg A. Woods (Aug 02)
- Re: An end to spam through Graphnet Michael Dillon (Aug 02)
- Re: An end to spam through Graphnet J.D. Falk (Aug 02)
- Re: An end to spam through Graphnet Jon Lewis (Aug 02)
- Re: An end to spam through Graphnet Keith McCallion (Aug 02)
- Re: An end to spam through Graphnet John-David Childs (Aug 02)
- Re: An end to spam through Graphnet Greg A. Woods (Aug 02)
- Re: An end to spam through Graphnet Geoff White (Aug 02)
- Re: An end to spam through Graphnet Dana Hudes (Aug 05)
- Re: An end to spam through Graphnet DAVE NORDLUND (Aug 05)