nanog mailing list archives
Re: botted hosts
From: abuse () cabal org uk (Peter Corlett)
Date: Mon, 4 Apr 2005 09:24:42 +0000 (UTC)
Suresh Ramasubramanian <ops.lists () gmail com> wrote: [...]
Neither DUL, nor SORBS DUHL, nor the several other lesser known variants can claim to do even a fraction of a perfect job - and providers who do stuff like happily mix static IP and dynamic IP netblocks, maintain vague or inconstant rDNS or even no rDNS at all for these, etc don't help at all, leading to the usual funny situation of someone's static IP dsl getting blocked as dynamic [but that's another story altogether]
I agree that blocking based on any sort of DUL is asking for trouble, but recent experiments on our customer MXers has shown that applying greylisting to said hosts works a treat. Personally, I'd apply it across the board, but customers moan that important mail is being delayed. Nobody has yet complained that junk from compromised hosts is being delayed :) A side-effect of the greylisting and other mail checks is that I've got a lovely list of compromised hosts. Is there any way I can usefully share these with the community? -- PGP key ID E85DC776 - finger abuse () mooli org uk for full key
Current thread:
- Re: botted hosts, (continued)
- Message not available
- Re: botted hosts Sean Donelan (Apr 04)
- Re: botted hosts Simon Waters (Apr 05)
- Re: botted hosts Suresh Ramasubramanian (Apr 04)
- Re: botted hosts Florian Weimer (Apr 04)
- Re: botted hosts Suresh Ramasubramanian (Apr 04)
- Re: botted hosts Petri Helenius (Apr 05)
- Re: botted hosts Petri Helenius (Apr 04)
- Re: botted hosts Valdis . Kletnieks (Apr 04)
- Re: botted hosts Peter Corlett (Apr 04)
- Re: botted hosts Florian Weimer (Apr 04)
- Re: botted hosts Peter Corlett (Apr 04)
- Re: botted hosts Petri Helenius (Apr 04)
- RE: botted hosts Ejay Hire (Apr 07)
- Re: botted hosts Sean Donelan (Apr 04)
- Message not available
- Re: botted hosts Jay R. Ashworth (Apr 04)
- Re: botted hosts Paul Vixie (Apr 04)
- so, how would you justify giving users security? [was: Re: botted hosts] Gadi Evron (Apr 04)
- Re: so, how would you justify giving users security? [was: Re: botted hosts] J.D. Falk (Apr 04)
- Re: so, how would you justify giving users security? [was: Re: botted hosts] Gadi Evron (Apr 04)
- Re: so, how would you justify giving users security? [was: Re: botted hosts] Petri Helenius (Apr 04)