nanog mailing list archives
Re: Time to check the rate limits on your mail servers
From: Raymond Dijkxhoorn <raymond () prolocation net>
Date: Thu, 3 Feb 2005 16:08:49 +0100 (CET)
Hi!
CNET reports http://news.com.com/Zombie+trick+expected+to+send+spam+sky-high/2100-7349_3-5560664.html?tag=cd.topthat botnets are now routing their mail traffic through the local ISP's mail servers rather than trying their own port 25 connections.
Both on ASRG and here on NANOG, many of us said many times, and most of the times people called me crazy;1. Block port 25 for dynamic ranges - that will kill the current strain of worms. 2. It won't solve spam, and neither will SPF or anything else of the sort, as when you have 100K zombies, you don't need to act a server, you can use the real credentials for the user, and even if limited to a 1000 messages, that times 100K drones is...
Did you actially read the article? This was about drones sending out via its ISP mailserver. Blocking outbound 25 doesnt help a bit here. In general sure, good ide, and also start using submission for example. But in this contect its silly.
Bye, Raymond.
Current thread:
- Re: Time to check the rate limits on your mail servers, (continued)
- Re: Time to check the rate limits on your mail servers Joe Maimon (Feb 03)
- Re: Time to check the rate limits on your mail servers J.D. Falk (Feb 03)
- Re: Time to check the rate limits on your mail servers Kevin (Feb 03)
- Re: Time to check the rate limits on your mail servers Michael . Dillon (Feb 03)
- Re: Time to check the rate limits on your mail servers Nils Ketelsen (Feb 03)
- Re: Time to check the rate limits on your mail servers Raymond Dijkxhoorn (Feb 03)
- Re: Time to check the rate limits on your mail servers up (Feb 03)
- Re: Time to check the rate limits on your mail servers John Levine (Feb 05)
- Re: Time to check the rate limits on your mail servers Rich Kulawiec (Feb 03)
- Re: Time to check the rate limits on your mail servers Gadi Evron (Feb 03)
- Re: Time to check the rate limits on your mail servers Raymond Dijkxhoorn (Feb 03)
- Re: Time to check the rate limits on your mail servers Gadi Evron (Feb 03)
- Re: Time to check the rate limits on your mail servers Raymond Dijkxhoorn (Feb 03)
- Re: Time to check the rate limits on your mail servers Gadi Evron (Feb 03)
- Re: Time to check the rate limits on your mail servers Michael . Dillon (Feb 03)
- Re: Time to check the rate limits on your mail servers Scott Weeks (Feb 03)
- Re: Time to check the rate limits on your mail servers Raymond Dijkxhoorn (Feb 03)
- Re: Time to check the rate limits on your mail servers Jørgen Hovland (Feb 03)
- Re: Time to check the rate limits on your mail servers Gadi Evron (Feb 03)
- Re: Time to check the rate limits on your mail servers Jason Frisvold (Feb 03)
- Re: Time to check the rate limits on your mail servers Valdis . Kletnieks (Feb 03)
- Re: Time to check the rate limits on your mail servers Jason Frisvold (Feb 03)