Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: ** Forged spamming going on

  • From: Robert Tarrall
  • Date: Mon Dec 21 11:09:00 1998

alex@nac.net wrote:
-> some luser off of AT&T DIalup is using mailme.com (my domain) for relaying
-> mail:
-> Received: from mailme.com (146.st-louis-71-72rs.mo.dial-access.att.net
-> [...]
-> He is sending thousands of emails to AOL users, who is then bouncing them
-> to me.
-> [...]
-> Thinking about this, there is no solution; here are my options:
-> 
-> 1) blackhole AT&T, which does nothing, since the mail is bounces coming
-> from AOL.
-> 
-> 2) blackhole AOL, which would fix my attack, but would break all
-> legitimate mail from/to AOL.
-> 
-> 3) temporarily blackhole mailme.com, which would prevent me from getting
-> the bounces, but then I can't send/get legit mail.

You forgot:

4) Deny relaying, which sendmail 8.9.1a will do by default (has worked
  great for us so far), and
5) Deny access to dial-access.att.net (and dialsprint.net, da.uu.net,
  pub-ip.psi.net, etc) which is what we're doing here just because we
  get so much spam directly from such dialup accounts these days.

Anyone have a list of legitimate outgoing SMTP servers for the big dialup
companies (UUnet, PSI, Concentric, AT&T, Sprint, etc)?  So far I haven't had
any complaints about blocking stuff like da.uu.net, but I'd like to make sure
that legitimate email can still get through.

			-Robert Tarrall.-
			System/Network Admin
			E Central




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.