[130502] in North American Network Operators' Group
Re: do you use SPF TXT RRs? (RFC4408)
daemon@ATHENA.MIT.EDU (Suresh Ramasubramanian)
Mon Oct 4 17:05:51 2010
In-Reply-To: <27834.1286225948@localhost>
Date: Mon, 4 Oct 2010 17:05:12 -0400
From: Suresh Ramasubramanian <ops.lists@gmail.com>
To: Valdis.Kletnieks@vt.edu
Cc: "nanog@nanog.org list" <nanog@nanog.org>,
Greg Whynott <Greg.Whynott@oicr.on.ca>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
dig throwaway1.com NS
dig throwaway2.com NS
etc etc ... and then check_sender_ns_access in postfix, for example.
Scales much better than whack-a-moling one domain after the other on the same NS.
On Mon, Oct 4, 2010 at 4:59 PM, <Valdis.Kletnieks@vt.edu> wrote:
>
> 140 million .coms. Throw-away domains. I do believe that Marcus Ranum had
> "trying to enumerate badness" on his list of "Six stupidest security ideas".
> This won't scale as long as you have more spammers adding new domains faster
> than your NOC staff can add them to the blacklist.
>
> (And even centralized blacklists run by dedicated organizations haven't solved
> the problem yet, so I'm not holding my breath waiting for that to work out...)
--
Suresh Ramasubramanian (ops.lists@gmail.com)
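
The approach described in the message above, as an added example that is not part of the original post: group sender domains by the name servers that `dig <domain> NS` returns, then emit a Postfix access table for `check_sender_ns_access`. The domain and NS names are constructed placeholders, and the `min_domains` threshold and the file path in the comments are assumptions.

```python
from collections import defaultdict

# Constructed sample: sender domain -> NS names, in the form `dig +short <domain> NS` prints.
# Every name here is a made-up placeholder under the reserved .example TLD.
SAMPLE_NS = {
    "throwaway1.example": ["ns1.bulk-dns.example.", "ns2.bulk-dns.example."],
    "throwaway2.example": ["NS1.bulk-dns.example.", "ns2.bulk-dns.example."],
    "throwaway3.example": ["ns1.bulk-dns.example."],
    "oneoff.example": ["ns1.shared-hosting.example.", "ns2.shared-hosting.example."],
}


def normalize(ns):
    """Lower-case and drop the trailing dot so names match Postfix lookup keys."""
    return ns.strip().lower().rstrip(".")


def shared_nameservers(ns_by_domain, min_domains=2):
    """Return {nameserver: sorted domains} for NS hosts serving >= min_domains listed domains."""
    domains_by_ns = defaultdict(set)
    for domain, servers in ns_by_domain.items():
        for ns in servers:
            domains_by_ns[normalize(ns)].add(domain.lower())
    return {ns: sorted(d) for ns, d in domains_by_ns.items() if len(d) >= min_domains}


def access_map(ns_by_domain, min_domains=2):
    """Render Postfix access(5) lines keyed by NS hostname."""
    shared = shared_nameservers(ns_by_domain, min_domains)
    return [
        f"{ns}\tREJECT sender domain uses a blocked name server ({len(doms)} listed domains)"
        for ns, doms in sorted(shared.items())
    ]


if __name__ == "__main__":
    # Assumed deployment: write the output to /etc/postfix/sender_ns_access (hypothetical
    # path), run postmap on it, and reference it from main.cf:
    #   smtpd_sender_restrictions = check_sender_ns_access hash:/etc/postfix/sender_ns_access
    print("\n".join(access_map(SAMPLE_NS)))
```

The threshold keeps a name server that appears under only one listed domain out of the table, since blocking by NS rejects mail from every domain that server hosts.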