nanog mailing list archives

Re: fixing insecure email infrastructure (was: Re: [eweek article] Window of "anonymity" when domain exists, whois not updated yet)

From: Chris Adams <cmadams () hiwaay net>
Date: Wed, 12 Jan 2005 10:32:13 -0600


Once upon a time, Steven Champeon <schampeo () hesketh com> said:

7) all ISPs MUST act on ANY single abuse report (including being
   informed of infected customer machines, which MUST be removed from
   the Internet ASAP. No excuses)


One problem I have with this one is people do forge reports, and there
is no way around that.  Also, as long as there are networks that don't
enforce source address filtering, port probing complaints cannot be
validated (I take them as valid unless proven otherwise, but we have had
a few that appear after the fact to be forged and/or spoofed).  If you
_always_ take someone off-line on a single complaint, you make it easy
for someone to get someone else kicked off.

-- 
Chris Adams <cmadams () hiwaay net>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.

Current thread:

Re: [eweek article] Window of "anonymity" when domain exists, whois not updated yet, (continued)
- - - Re: [eweek article] Window of "anonymity" when domain exists, whois not updated yet Niels Bakker (Jan 12)
    - Re: [eweek article] Window of "anonymity" when domain exists, whois not updated yet Michael . Dillon (Jan 12)
    - Re: [eweek article] Window of "anonymity" when domain exists, whois not updated yet Niels Bakker (Jan 12)
    - Re: [eweek article] Window of "anonymity" when domain exists, whois not updated yet Michael . Dillon (Jan 12)
    - Re: [eweek article] Window of "anonymity" when domain exists, whois not updated yet Niels Bakker (Jan 12)
    - Re: [eweek article] Window of "anonymity" when domain exists, whois not updated yet Owen DeLong (Jan 12)
    - Re: [eweek article] Window of "anonymity" when domain exists, whois not updated Stephane Bortzmeyer (Jan 13)
    - Re: [eweek article] Window of "anonymity" when domain exists, whois not updated yet Suresh Ramasubramanian (Jan 12)
    - Re: [eweek article] Window of "anonymity" when domain exists, whois not updated yet Michael . Dillon (Jan 12)
    - fixing insecure email infrastructure (was: Re: [eweek article] Window of "anonymity" when domain exists, whois not updated yet) Steven Champeon (Jan 12)
    - Re: fixing insecure email infrastructure (was: Re: [eweek article] Window of "anonymity" when domain exists, whois not updated yet) Chris Adams (Jan 12)
    - Re: fixing insecure email infrastructure (was: Re: [eweek article] Window of "anonymity" when domain exists, whois not updated yet) Steven Champeon (Jan 12)
    - Re: fixing insecure email infrastructure (was: Re: [eweek article] Window of "anonymity" when domain exists, whois not updated yet) Eric Brunner-Williams in Portland Maine (Jan 12)
    - Re: fixing insecure email infrastructure (was: Re: [eweek article] Window of "anonymity" when domain exists, whois not updated yet) Steven Champeon (Jan 12)
    - Re: fixing insecure email infrastructure (was: Re: [eweek article] Window of "anonymity" when domain exists, whois not updated yet) Eric Brunner-Williams in Portland Maine (Jan 12)
    - Re: fixing insecure email infrastructure (was: Re: [eweek article] Window of "anonymity" when domain exists, whois not updated yet) Steven Champeon (Jan 12)
    - Re: fixing insecure email infrastructure (was: Re: [eweek article] Window of "anonymity" when domain exists, whois not updated yet) Eric Brunner-Williams in Portland Maine (Jan 12)
    - Re: fixing insecure email infrastructure (was: Re: [eweek article] Window of "anonymity" when domain exists, whois not updated yet) Steven Champeon (Jan 12)
    - Re: fixing insecure email infrastructure (was: Re: [eweek article] Window of "anonymity" when domain exists, whois not updated yet) Eric Brunner-Williams in Portland Maine (Jan 12)
    - Re: fixing insecure email infrastructure (was: Re: [eweek article] Window of "anonymity" when domain exists, whois not updated yet) Adi Linden (Jan 12)
    - Re: fixing insecure email infrastructure (was: Re: [eweek article] Window of "anonymity" when domain exists, whois not updated yet) Steven Champeon (Jan 12)

(Thread continues...)