nanog mailing list archives
Re: Open relays and open proxies
From: John Payne <john () sackheads org>
Date: Thu, 24 Apr 2003 16:58:56 -0400
--On Thursday, April 24, 2003 12:58 PM -0700 Joe St Sauver <JOE () OREGON UOREGON EDU> wrote:
Hi Adi, # I am seeing an increasing number of hosts on our network become an open # proxy. So far the response to this has been reactive, once I receive # complaints from spam victims I deal with the source of the problem. The sheer act of having an abuse address and acting on reports received on it puts you a leg and a half up on a number of other service providers who have chosen to studiously ignore abused open proxies on their networks.
Yep
# Is there an accepted way of blocking open proxy and open relay traffic # at the network edge?
...
What's really needed is some way to take open proxy DNSBL data and instantiate a dump of that data onto a suitable appliance. It is probably too much state to burden a reasonable sized border route with, but you could imagine other devices that could probably handle it (at least for moderate speed flows), much as there are currently middle boxes which rip open packets to target peer to peer traffic.
FWIW, if you can handle an extra 40k or so prefixes, blitzed.org can provide a BGP feed of their DNSBL (although the BGP talking machine is currently down for hardware issues).
Current thread:
- Re: Open relays and open proxies, (continued)
- Re: Open relays and open proxies Valdis . Kletnieks (Apr 25)
- Re: Open relays and open proxies John Payne (Apr 25)
- Re: Open relays and open proxies Daniel Concepcion (Apr 25)
- Re: Open relays and open proxies John Payne (Apr 25)
- Re: Open relays and open proxies Jack Bates (Apr 25)
- Re: Open relays and open proxies Adi Linden (Apr 25)
- Re: Open relays and open proxies jlewis (Apr 24)
- Re: Open relays and open proxies Paul Vixie (Apr 24)
- Re: Open relays and open proxies Jack Bates (Apr 24)
- Re: Open relays and open proxies John Payne (Apr 24)
- Re[2]: Open relays and open proxies Richard Cox (Apr 25)
- RE: Open relays and open proxies Joseph Barnhart (Apr 30)