nanog mailing list archives
Verizon is easily fooled by spamming zombies (was: Re: VerizonWireless.com Mail Blacklists)
From: Steven Champeon <schampeo () hesketh com>
Date: Wed, 1 Jun 2005 12:28:22 -0400
on Wed, Jun 01, 2005 at 12:07:33PM -0400, Rich Kulawiec wrote:
(As to Verizon itself, since three different people pointed out the relative lack of SBL listings: keep in mind that SBL listings are put in place for very specific reasons, and aren't the only indicator of spam. Other DNSBLs and RHSBLs, e.g. the CBL, use different criteria and thus provide different measurements (if you will) of spam. So, to give a sample data point, in the last week alone, there have been 315 spam attempts directed at *just this address* from 194 different IP addresses (list attached) that belong to VZ. Have I reported them? Of *course* not. What would be the point in that?)
<snip evidence of astounding lack of clue of VZ's customers> Zombies I expect; what's worse is that they're /obviously/ not even doing the most basic checks: Received: from verizon.net ([63.24.130.230]) (63.24.130.230 is 1Cust742.an1.nyc41.da.uu.net, HELO'd as 'verizon.net' and VZ still relayed it) Received: from verizon.net ([68.130.237.39]) (68.130.237.39 is 1Cust39.tnt26.mia5.da.uu.net, HELO'd as 'verizon.net' and VZ still relayed it) Received: from verizon.net ([68.130.237.35]) (68.130.237.35 is 1Cust35.tnt26.mia5.da.uu.net, HELO'd as 'verizon.net' and VZ still relayed it) Received: from verizon.net ([65.34.38.26]) (65.34.38.26 is c-65-34-38-26.hsd1.fl.comcast.net, HELO'd as 'verizon.net' and VZ still relayed it) Received: from verizon.net ([65.34.184.15]) (65.34.184.15 is c-65-34-184-15.hsd1.fl.comcast.net, etc.) IOW, VZ isn't even checking to see if a zombie'd host is forging its own domain into HELO, regardless of whether it comes from Comcast or UUNet, and as long as the forged sender has a verizon.net address, and the recipient hasn't blocked VZ's silly callback system, the message is relayed. Thanks, Verizon. We can hear you now. -- hesketh.com/inc. v: +1(919)834-2552 f: +1(919)834-2554 w: http://hesketh.com join us! http://hesketh.com/about/careers/account_manager.html join us!
Current thread:
- Re: VerizonWireless.com Mail Blacklists Rich Kulawiec (Jun 01)
- Verizon is easily fooled by spamming zombies (was: Re: VerizonWireless.com Mail Blacklists) Steven Champeon (Jun 01)
- Re: Verizon is easily fooled by spamming zombies (was: Re: VerizonWireless.com Mail Blacklists) Patrick W. Gilmore (Jun 01)
- Re: Verizon is easily fooled by spamming zombies Martin Hepworth (Jun 01)
- Re: Verizon is easily fooled by spamming zombies Patrick W. Gilmore (Jun 01)
- Re: Verizon is easily fooled by spamming zombies Gadi Evron (Jun 01)
- Re: Verizon is easily fooled by spamming zombies Patrick W. Gilmore (Jun 01)
- Re: Verizon is easily fooled by spamming zombies Gadi Evron (Jun 01)
- Re: Verizon is easily fooled by spamming zombies Patrick W. Gilmore (Jun 01)
- Re: Verizon is easily fooled by spamming zombies Gadi Evron (Jun 01)
- Re: Verizon is easily fooled by spamming zombies Patrick W. Gilmore (Jun 01)
- Re: Verizon is easily fooled by spamming zombies Gadi Evron (Jun 01)
- Re: Verizon is easily fooled by spamming zombies (was: Re: VerizonWireless.com Mail Blacklists) Patrick W. Gilmore (Jun 01)
- Verizon is easily fooled by spamming zombies (was: Re: VerizonWireless.com Mail Blacklists) Steven Champeon (Jun 01)