nanog mailing list archives
Re: Is malicious asymmetrical routing still a thing?
From: Christopher Morrow <morrowc.lists () gmail com>
Date: Thu, 9 Mar 2023 16:29:11 -0500
On Thu, Mar 9, 2023 at 4:19 PM Christopher Munz-Michielin <christopher () ve7alb ca> wrote:
Not this exact scenario, but what we see a lot of in my VPS company is people sending spam by using our VPS' source addresses, but routing outbound via some kind of tunnel to a VPN provider or similar in order to bypass our port 25 blocks. We've had to start blocking source port 25 to catch the replies from the recipient mail servers in order to prevent this kind of abuse.
commodity 'ip access' really is all the same (dial, dsl, cable, vpc) to folk that do this sort of thing :(
Current thread:
- Is malicious asymmetrical routing still a thing? John Levine (Mar 09)
- Re: Is malicious asymmetrical routing still a thing? Aaron1 (Mar 09)
- Re: Is malicious asymmetrical routing still a thing? William Herrin (Mar 09)
- Re: Is malicious asymmetrical routing still a thing? Jon Lewis (Mar 09)
- Re: Is malicious asymmetrical routing still a thing? Grant Taylor via NANOG (Mar 09)
- Re: Is malicious asymmetrical routing still a thing? Mark Tinka (Mar 12)
- Re: Is malicious asymmetrical routing still a thing? William Herrin (Mar 09)
- Re: Is malicious asymmetrical routing still a thing? Christopher Munz-Michielin (Mar 09)
- Re: Is malicious asymmetrical routing still a thing? Christopher Morrow (Mar 09)
- Re: Is malicious asymmetrical routing still a thing? Grant Taylor via NANOG (Mar 09)
- Re: Is malicious asymmetrical routing still a thing? William Herrin (Mar 09)
- Re: Is malicious asymmetrical routing still a thing? William Herrin (Mar 09)
- Re: Is malicious asymmetrical routing still a thing? Aaron1 (Mar 09)