[118785] in North American Network Operators' Group
Re: dealing with bogon spam ?
daemon@ATHENA.MIT.EDU (Suresh Ramasubramanian)
Wed Oct 28 20:26:44 2009
In-Reply-To: <4AE893EF.4080906@i6ix.com>
Date: Thu, 29 Oct 2009 05:56:01 +0530
From: Suresh Ramasubramanian <ops.lists@gmail.com>
To: Jason Bertoch <jason@i6ix.com>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
You are using it the wrong way .. most of the drop list is directly
spammer controlled space used as, for example, C&C for botnets.
You'd see tons of abuse and little or no smtp traffic from a lot of
those hosts.
On Thu, Oct 29, 2009 at 12:26 AM, Jason Bertoch <jason@i6ix.com> wrote:
> Justin Shore wrote:
>> As a brief off-shoot of the original topic, has anyone scripted the use =
of
>> Spamhaus's DROP list in a RTBH, ACLs, null-routes, etc? =C2=A0I'm not as=
king if
>> people think it's safe; that's up to the network wanting to deploy it. =
=C2=A0I'm
> Downloading and parsing is easy. =C2=A0I used to drop it into the config =
for a
> small dns server, rbldnsd I believe, that understands CIDR and used it as=
a
> local blacklist. =C2=A0It did very little to stop spam and I was never br=
ave
> enough to script an automatic update to BGP.
