nanog mailing list archives
Re: AW: Uptick in spam
From: Octavio Alvarez <octalnanog () alvarezp org>
Date: Wed, 28 Oct 2015 00:44:04 -0700
On 10/27/2015 05:09 AM, Ian Smith wrote:
On Mon, Oct 26, 2015 at 9:40 PM, Octavio Alvarez <octalnanog () alvarezp org <mailto:octalnanog () alvarezp org>> wrote: On 26/10/15 11:38, Jürgen Jaritsch wrote: <snip> But it is originating all from different IP addresses. Who knows if this is an attack to get *@jdlabs.fr <http://jdlabs.fr/> blocked from NANOG and is just getting its goal accomplished. This is the part that's been bugging me. Doesn't the NANOG server implement SPF checking on inbound list mail? jdlabs.fr <http://jdlabs.fr> doesn't appear to have an SPF record published. It seems to me that these messages should have been dropped during the connection.
That doesn't stop spam from hijacked accounts.For this case, an account was compromised, apparently. What if after 6 messages in the last 5 minutes with the same or absent 'In-Reply-To' moves the account to moderation mode.
Easier said than implemented, though.
Current thread:
- Re: Uptick in spam, (continued)
- Re: Uptick in spam Rich Kulawiec (Oct 27)
- Re: Uptick in spam Ian Smith (Oct 27)
- Re: Uptick in spam Colin Johnston (Oct 27)
- Re: Uptick in spam anthony kasza (Oct 27)
- Re: Uptick in spam Rich Kulawiec (Oct 27)
- Re: Uptick in spam Peter Beckman (Oct 27)
- Re: more FUSSPs, Uptick in spam John Levine (Oct 27)
- Re: more FUSSPs, Uptick in spam Ian Smith (Oct 27)
- Re: Uptick in spam Connor Wilkins (Oct 27)
- Re: Uptick in spam Octavio Alvarez (Oct 28)
- Re: AW: Uptick in spam Octavio Alvarez (Oct 28)
- Re: AW: Uptick in spam Jim Popovitch (Oct 28)
- Re: Uptick in spam Ian Smith (Oct 26)
- RE: Uptick in spam Steve Mikulasik (Oct 26)
- Re: Uptick in spam Andrew Kirch (Oct 26)
- Re: Uptick in spam Larry Sheldon (Oct 26)
- Re: Uptick in spam A . L . M . Buxey (Oct 27)