nanog mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Open relays and open proxies

From: "David Schwartz" <davids () webmaster com>
Date: Thu, 24 Apr 2003 13:38:50 -0700



I am seeing an increasing number of hosts on our network become an open
proxy. So far the response to this has been reactive, once I receive
complaints from spam victims I deal with the source of the problem.



Is there an accepted way of blocking open proxy and open relay traffic at
the network edge?


        Educate your customers. Seriously.

        The details depend upon which type of problem you need to solve:

        1) Customers are being tricked into installing open proxies, say by
downloading executable from file sharing services.

        2) Customers are trying to set up proxies to allow them to share their
Internet connection with family members, but aren't securing them properly.

        3) Customers are deliberately setting up open proxies as anonymizers.

        Perhaps you have some other variation on these themes, but if you look at
all of these, you should be able to see that education is the best solution.
The possible exception is 3, in which case threats may be more appropriate.

        DS
Previous By Date Next
Previous By Thread Next

Current thread: