nanog mailing list archives
Re: anybody else been spammed by "no-ip.com" yet?
From: Marc MERLIN <marc_news () valinux com>
Date: Sat, 11 May 2002 15:23:28 -0700
On Fri, May 10, 2002 at 11:27:10AM +1000, Terence Giufre-Sweetser wrote:
Now there's a good idea, and it works, I have several sites running a "port 25" trap to stop smtp abuse. To stop port 25 abuse at some schools, the firewall grabs all outgoing port 25 connections from !"the mail server", and to !"the mail server", and runs then via "the mail server", which stops header forging, mass rcpt to: abuse, and vrfy/expn probing. Anything that goes past the filters has a nice clear and traceable received by: line.
I'm not sure what's so swell with this. I require SMTP AUTH over SSL with STARTTLS (exclusively), and this nice little hijack scheme makes for great support calls. They steal the SMTP connection, and then are enable to provide the SSL connection and our server certificate (obviously), so the connection fails. Yes, the "solution" is to pick a different non standard port, which comes with its own set of problems (not counting mail clients that are unable to use a different port), but I'd much rather that they do not hijack my client connections (blocking open relays and DUL IPs works just fine if you choose/need to do that) Marc -- Microsoft is to operating systems & security .... .... what McDonalds is to gourmet cooking Home page: http://marc.merlins.org/ | Finger marc_f () merlins org for PGP key
Current thread:
- Re: anybody else been spammed by "no-ip.com" yet?, (continued)
- Re: anybody else been spammed by "no-ip.com" yet? Mike Joseph (May 06)
- Re: anybody else been spammed by "no-ip.com" yet? Marc MERLIN (May 06)
- Re: anybody else been spammed by "no-ip.com" yet? Scott Francis (May 07)
- Sample Internet SLAs Darrell Kristof (May 07)
- Re: anybody else been spammed by "no-ip.com" yet? todd glassey (May 05)
- Re: anybody else been spammed by "no-ip.com" yet? Terence Giufre-Sweetser (May 09)
- Re: anybody else been spammed by "no-ip.com" yet? Joel Baker (May 09)
- Re: anybody else been spammed by "no-ip.com" yet? Jim Hickstein (May 09)
- Re: anybody else been spammed by "no-ip.com" yet? David Charlap (May 10)
- Re: anybody else been spammed by "no-ip.com" yet? Stephen J. Wilcox (May 10)
- Re: anybody else been spammed by "no-ip.com" yet? Marc MERLIN (May 11)
- Re: anybody else been spammed by "no-ip.com" yet? Johannes B. Ullrich (May 04)
- Re: anybody else been spammed by "no-ip.com" yet? Forrest W. Christian (May 04)
- Re: e-postage yet again, was anybody else been spammed by "no-ip.com" yet? John R. Levine (May 04)
- Re: e-postage yet again, was anybody else been spammed by "no-ip.com" yet? Nathan J. Mehl (May 05)
- Re: e-postage yet again, was anybody else been spammed by "no-ip.com" yet? Valdis . Kletnieks (May 05)
- Re: e-postage yet again, was anybody else been spammed by "no-ip.com" yet? Nathan J. Mehl (May 05)
- Re: anybody else been spammed by "no-ip.com" yet? Steven J. Sobol (May 04)
- Re: anybody else been spammed by "no-ip.com" yet? Bruce Campbell (May 05)