nanog mailing list archives
Re: Time to check the rate limits on your mail servers
From: Suresh Ramasubramanian <ops.lists () gmail com>
Date: Thu, 3 Feb 2005 17:42:07 +0530
On Thu, 3 Feb 2005 11:42:55 +0000, Michael.Dillon () radianz com <Michael.Dillon () radianz com> wrote: http://news.com.com/Zombie+trick+expected+to+send+spam+sky-high/2100-7349_3-5560664.html?tag=cd.top
that botnets are now routing their mail traffic through the local ISP's mail servers rather than trying their own port 25 connections.
Now? We (and AOL, and some other large networks) have been seeing this thing go on since over a year.
Do you let your customers send an unlimited number of emails per day? Per hour? Per minute? If so, then why?
Doing that - especially now when this article has hit the popular press and there's going to be lots more people doing the same thing - is going to be equivalent of hanging out a "block my email" sign. One additional thing that I think wasnt mentioned in the article - Make sure your MXs (inbound servers) are separate from your outbound machines, and that the MX servers dont relay email for your dynamic IP netblock. Some other trojans do stuff like getting the ppp domain name / rDNS name of the assigned IP etc and then "nslookup -q=mx domain.com", then set itself up so that all its payloads get delivered out of the domain's MX servers -- Suresh Ramasubramanian (ops.lists () gmail com)
Current thread:
- Time to check the rate limits on your mail servers Michael . Dillon (Feb 03)
- Re: Time to check the rate limits on your mail servers Suresh Ramasubramanian (Feb 03)
- Re: Time to check the rate limits on your mail servers Raymond Dijkxhoorn (Feb 03)
- Re: Time to check the rate limits on your mail servers up (Feb 03)
- Re: Time to check the rate limits on your mail servers Patrick W Gilmore (Feb 03)
- Re: Time to check the rate limits on your mail servers Joe Maimon (Feb 03)
- Re: Time to check the rate limits on your mail servers J.D. Falk (Feb 03)
- Re: Time to check the rate limits on your mail servers Kevin (Feb 03)
- Re: Time to check the rate limits on your mail servers Michael . Dillon (Feb 03)
- Re: Time to check the rate limits on your mail servers Nils Ketelsen (Feb 03)
- Re: Time to check the rate limits on your mail servers Raymond Dijkxhoorn (Feb 03)
- Re: Time to check the rate limits on your mail servers up (Feb 03)
- Re: Time to check the rate limits on your mail servers Suresh Ramasubramanian (Feb 03)