nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: FW: The worst abuse e-mail ever, sverige.net

From: Douglas Otis <dotis () mail-abuse org>
Date: Tue, 21 Sep 2004 14:09:22 -0700

On Tue, 2004-09-21 at 13:01, Mikael Abrahamsson wrote:

On Tue, 21 Sep 2004, Dan Mahoney, System Admin wrote:


Unless your connection is permenent, with a permanent static ip, you 
should not be *directly* sending out mail.  The very nature of dynamic ips 
implies that even if a single subscriber gets infected, you have no 
guarantee YOU won't wind up with that ip next.


As I said, this is DSL, which to me implies always on. Each DSLAM port
only allows one IP address, this is set statically. The customer has a
static IP address assigned to him/her, which never changes over time. No
DHCP, nothing dynamic what so ever. If you want to make yourself
unreachable to one of our customers you blacklist their IP which is always
the same. Simple.

Now, how do we make the world understand this? 


When this customer discontinues services, would you want to reuse this
address?  If your network was (ab)used sending spam, then the next
customer may find this address unusable and you would need to contact a
few hundred blacklists in an attempt to rehabilitate the address.
As a prophylactic measure, Port 25 is blocked or transparently
intercepted to monitor the network via error logs.  For external mail
submissions, Port 587 would be recommended.

There is an overview of this at:
http://www.ietf.org/internet-drafts/draft-hutzler-spamops-01.txt

-Doug
Previous By Date Next
Previous By Thread Next

Current thread: