nanog mailing list archives

Re: Spamhaus...

From: Larry Sheldon <LarrySheldon () cox net>
Date: Sat, 20 Feb 2010 20:29:10 -0600

On 2/20/2010 4:57 PM, James Hess wrote:

For the purpose of the following two paragraphs, pretend for the moment
that you operate a business selling stuff via an email address
Sales () Example Com.  For dramatic effect, assume your children will
starve if you are not able to sell anything.

Further, pretend that you have really annoyed somebody--a competitor,
perhaps.  Suppose that your competitor has contracted with a real,
genuine spammer to send email mmessages advertizing some trash at a rate
of tens of thousands per second until the bot-net gets shut down   using
Sales () Example Com as the Return-Path.

Now.  Read the two paragraphs.

Spurious DSNs  are less harmful than missing DSNs.  Spurious DSNs can
be discarded easily by the mail server that knows it didn't pass that
message.    DSNs that were not generated cannot be recovered.

Discarding is currently the responsibility of the mail server whose
address has been forged.  Just like it's the responsibility of a host
whose source address was forged in a TCP transaction, to  discard  the
"ACK"  packet for a connection that resulted from a spoofed SYN.


Anything about those two 'graphs you would like to reconsider?


And by the way, when I was running a network, if I got very many errant
SYN's from a particular source, that source would get a static route to
a 500 ohm resistor.

The mail server sending DSN for the fake message, or replying to a
spoofed SYN is  not a spammer in any way,   they are actually a victim
 wasting their own bandwidth  responding to a bogus message.


Victim they may be, spammer they are,  The definition of "spammer" does
not include a "get even with the world" or "do unto others as was done
unto you" clauses.

-- 
"Government big enough to supply everything you need is big enough to
take everything you have."

Remember:  The Ark was built by amateurs, the Titanic by professionals.

Requiescas in pace o email
Ex turpi causa non oritur actio
Eppure si rinfresca

ICBM Targeting Information:  http://tinyurl.com/4sqczs
http://tinyurl.com/7tp8ml

Current thread:

Re: Spamhaus..., (continued)
- - - Re: Spamhaus... John Levine (Feb 20)
    - Re: Spamhaus... Graeme Fowler (Feb 21)
    - Re: Spamhaus... Michelle Sullivan (Feb 21)
    - Re: Spamhaus... Jon Lewis (Feb 21)
    - Re: Spamhaus... Tony Finch (Feb 21)
    - Re: Spamhaus... Michelle Sullivan (Feb 21)
    - Re: Spamhaus... Jon Lewis (Feb 21)
    - Re: DNSBLs other than Spamhaus... John Levine (Feb 21)
    - Re: Spamhaus... Larry Sheldon (Feb 21)
    - Re: Spamhaus... Matthias Leisi (Feb 21)
    - Re: Spamhaus... Larry Sheldon (Feb 20)
    - Re: blowback, was Spamhaus... John Levine (Feb 20)