nanog mailing list archives
backscatter hosts (was: Re: Barracuda Networks Spam Firewall)
From: Steven Champeon <schampeo () hesketh com>
Date: Tue, 18 May 2004 18:18:45 -0400
on Tue, May 18, 2004 at 04:01:40PM -0400, Todd Vierling wrote:
On Mon, 17 May 2004, Jared B. Reimer wrote: : >We had this problem when our inbound-smtp server ( the server the : >barracuda is dumping mail to) was accepting all RCPT TOs : This is a pretty serious flaw IMHO, if it is (in fact) true. qmail isn't : the only mailer that behaves this way. And, regardless of what the Barracuda box did, you should fix your qmail install. This behavior is no longer considered acceptable by the 'net at large, because accept-then-bounce is the biggest cause of virus spew bounceback spam. (As a result, people have begun widely blocking MXs that accept-then-bounce. You'd do yourself quite a favor to convert to reject-at-SMTP now, before you get blocked too.)
At present, thanks to a recent massive joe job against one of the domains we host, I've got a list of ~16100 mailhosts that I no longer accept null sender mail* from. Most of them are running qmail, based on some unscientific analysis I did when compiling the list. All of them accepted, then bounced, mail from spammers HELO'ing with that domain "back" to the victim. Several hundred also sent us DSNs from virus forgeries. All of them were unnecessary. Sad, really, especially given that patches exist to fix this problem. Steve * or postmaster/Symantec_Antivirus/Webshield/VirusWall/JCT/etc. -- hesketh.com/inc. v: +1(919)834-2552 f: +1(919)834-2554 w: http://hesketh.com Buy "Cascading Style Sheets: Separating Content from Presentation, 2/e" today! http://www.amazon.com/exec/obidos/ASIN/159059231X/heskecominc-20/ref=nosim/
Current thread:
- RE: Barracuda Networks Spam Firewall, (continued)
- RE: Barracuda Networks Spam Firewall Christopher Brown (May 17)
- Re: Barracuda Networks Spam Firewall John Neiberger (May 17)
- Re: Barracuda Networks Spam Firewall Jared B. Reimer (May 17)
- Re: Barracuda Networks Spam Firewall jlewis (May 17)
- Re: Barracuda Networks Spam Firewall Majdi S. Abbas (May 18)
- Re: Barracuda Networks Spam Firewall Valdis . Kletnieks (May 18)
- Re: Barracuda Networks Spam Firewall Christopher X. Candreva (May 18)
- Re: Barracuda Networks Spam Firewall Valdis . Kletnieks (May 18)
- Re: Barracuda Networks Spam Firewall Todd Vierling (May 18)
- Re: Barracuda Networks Spam Firewall Jared B. Reimer (May 17)
- Re: Barracuda Networks Spam Firewall Todd Vierling (May 18)
- backscatter hosts (was: Re: Barracuda Networks Spam Firewall) Steven Champeon (May 18)
- Re: Barracuda Networks Spam Firewall Christopher X. Candreva (May 18)
- Re: Barracuda Networks Spam Firewall Valdis . Kletnieks (May 18)
- Re: Barracuda Networks Spam Firewall Todd Vierling (May 18)
- Re: Barracuda Networks Spam Firewall Valdis . Kletnieks (May 18)
- Re: Barracuda Networks Spam Firewall Christopher X. Candreva (May 18)
- Re: Barracuda Networks Spam Firewall Valdis . Kletnieks (May 18)
- Re: Barracuda Networks Spam Firewall Todd Vierling (May 18)
- Re: Barracuda Networks Spam Firewall Eric A. Hall (May 18)
- Re: Barracuda Networks Spam Firewall Per Gregers Bilse (May 18)