North American Network Operators Group
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
Re: BLS FastAccess internal tech needed
- From: Suresh Ramasubramanian
- Date: Thu Jan 12 22:49:23 2006
- Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=H7gKOD6G5QaAjl62NSAb43b+RXDkPhrFLgb6apTA6kfg2BLyrXlr9bUwWQDEeI5YxZGfLkRRvaue3/DPZvcXhldyiW5dt6UptbjakWi8Qq3joj0uoR52OR7F+9Oieix3tDukMU28puLBAfFKSMY/RzZm/vpqPVs0qXTjlOc2a1M=
On 1/13/06, Todd Vierling <tv@duh.org> wrote:
> (Your new SMTP port filters put in today in the Atlanta market are a step in
> the right direction, but they are configured incorrectly: They block
> outbound connections to port 25, which is good -- but they are also blocking
> *inbound* connections to a local SMTP receiver, which protects nothing and
> simply annoys those of us who have a clue.)
What they're *trying* to do is actually quite sensible, and beats
spammers trying to do asymmetric routing / source address spoofing
type stuff
I guess what they actually should do is filtering inbound connections
FROM port 25 to any port.
Thread starting from
http://www.merit.edu/mail.archives/nanog/2005-01/msg00127.html for
example
And an example of how people get bitten without doing that ..
What Hank thought: http://www.cctec.com/maillists/nanog/current/msg03171.html
Actual issue: http://www.cctec.com/maillists/nanog/current/msg03232.html
(which is what it turned out to be .. unidirectional port 25 filtering
and a customer - nigerian spammer rather - who was sending out packets
through a satellite interface but with Hank's IP as the source IP)
srs
--
Suresh Ramasubramanian (ops.lists@gmail.com)
|
