nanog mailing list archives
Re: DNS Hijacking by Cox
From: Sean Donelan <sean () donelan com>
Date: Sun, 22 Jul 2007 21:19:44 -0400 (EDT)
On Sun, 22 Jul 2007, William Allen Simpson wrote:
Comcast still blocks port 25. And last week, a locally well-known person was blocked from sending outgoing port 25 email to their servers from her home Comcast service.
MSA port 587 is only 9 years old. I guess it takes some people longer than others to update their practices. Based on what I know how comcast's abuse systems implement their port 25 restrictions, I think it is extremely unlikely it was based on other people having her e-mail address in their Outlook programs.
Some people complain ISPs refuse to take action about abuse and compromised computers on their networks. On the other hand, people complain when ISPs take action about abuse and compromised computers on their networks. ISPs are pretty much damned if they do, and damned if
they don't.Several ISPs have been redirecting malware using IRC to "cleaning" servers for a couple of years trying to respond to the massive number of bots. On occasion they pick up C&C server which also contains some "legitimate" uses. Trying to come up with a good cleaning message for
each protocol can be a challenge.Yes, false positives and false negatives are always an issue. People running sevaral famous block lists for spam and other abuse also made mistakes on occasion.
Current thread:
- DNS Hijacking by Cox Andrew Matthews (Jul 22)
- RE: DNS Hijacking by Cox Raymond L. Corbin (Jul 22)
- Re: DNS Hijacking by Cox Sean Donelan (Jul 22)
- Re: DNS Hijacking by Cox Brandon Galbraith (Jul 22)
- Re: DNS Hijacking by Cox Nachman Yaakov Ziskind (Jul 22)
- Re: DNS Hijacking by Cox Raymond Dijkxhoorn (Jul 22)
- Re: DNS Hijacking by Cox William Allen Simpson (Jul 22)
- Re: DNS Hijacking by Cox Sean Donelan (Jul 22)
- Re: DNS Hijacking by Cox Steven Haigh (Jul 22)
- RE: DNS Hijacking by Cox Raymond L. Corbin (Jul 22)
- Multiple different ISPs respond to Bots (was RE: DNS Hijacking by Cox) Sean Donelan (Jul 22)
- Re: Multiple different ISPs respond to Bots (was RE: DNS Hijacking by Cox) Matthew Sullivan (Jul 22)
- Re: DNS Hijacking by Cox Brandon Galbraith (Jul 22)
- Re: DNS Hijacking by Cox Joe Greco (Jul 22)
- How should ISPs notify customers about Bots (Was Re: DNS Hijacking by Cox) Sean Donelan (Jul 23)
- Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking by Cox) Leigh Porter (Jul 23)
- Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking Joe Greco (Jul 23)
- Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking Sean Donelan (Jul 23)
- Re: How should ISPs notify customers about Bots (Was Re: DNS Hijacking Joe Greco (Jul 23)