nanog mailing list archives

Re: botted hosts


From: Sean Donelan <sean () donelan com>
Date: Mon, 4 Apr 2005 01:10:40 -0400 (EDT)


On Sun, 3 Apr 2005, Dave Rand wrote:
> The Kelkea (what used to be MAPS) DUL, with more than 150 million entries in
> it stopped about 41% of the spam last month.  The QIL, a new product, stopped
> about 55%, with the remainder being stopped by the RBL, OPS and RSS.  A view
> of this from a different perspective (an unrelated ISP) is available at
> http://status.hiwaay.net/spam.html
>
> That means that if just the ISPs that we have identified as having
> "dynamically assigned" addresses were to install port 25 blocking, more than
> 1/3 of the spam would vanish.

Why does anyone accept SMTP connections from known "dynamically assigned"
addresses?  DUL, QIL, etc should drop all those connections on the floor.
If everyone was using DUL, QIL, etc, why do they still complain about
getting spam from dynamically assigned addresses?  If mail admins were to
install DUL lists ....

Does port 25 blocking actually make a difference?  Any public data from
before and after?  Or does it just annoy people, cause problems and not
fix anything?

