nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: botted hosts

From: dlr () bungi com (Dave Rand)
Date: Mon, 4 Apr 2005 01:48:47 -0700

[In the message entitled "Re: botted hosts" on Apr  4,  1:10, Sean Donelan writes:]


On Sun, 3 Apr 2005, Dave Rand wrote:

The Kelkea (what used to be MAPS) DUL, with more than 150 million entries in
it stopped about 41% of the spam last month.  The QIL, a new product, stopped
about 55%, with the remainder being stopped by the RBL, OPS and RSS.  A view
of this from a different perspective (an unrelated ISP) is available at
http://status.hiwaay.net/spam.html

That means that if just the ISPs that we have identified as having
"dynamically assigned" addresses were to install port 25 blocking, more than
1/3 of the spam would vanish.


Why does anyone accept SMTP conenctions from known "dynamically assigned"
addresses?  DUL, QIL, etc should drop all those connections on the floor.
If everyone was using DUL, QIL, etc, why do they still complain about
getting spam from dynamically assigned addresses?  If mail admins were to
install DUL lists ....

Does port 25 blocking actually make a difference?  Any public data from
before and after?  Or does it just annoy people, cause problems and not
fix anything?



I would not complain, mind you - having more customers is good for my
business.

But why do you think it is right to shift the burden on the recipient to
block access, when it could be done at the source.  Yes, it means that
the people getting the cash from the customer would have to actually support
said customer by making it non-annoying for them.

Blocking port 25 has been a good idea for 8 years.  Many ISPs have already
done it (some better than others), and it absolutely does fix things.

--
Previous By Date Next
Previous By Thread Next

Current thread: