[22273] in North American Network Operators' Group
Re: ** Forged spamming going on
daemon@ATHENA.MIT.EDU (Robert Tarrall)
Mon Dec 21 11:09:45 1998
To: alex@nac.net
Cc: nanog@merit.edu
In-reply-to: Message from "alex@nac.net"
sent Sun, 20 Dec 1998 16:53:26 EST
Date: Mon, 21 Dec 1998 09:07:29 -0700
From: Robert Tarrall <tarrall@ecentral.com>

alex@nac.net wrote:
-> some luser off of AT&T Dialup is using mailme.com (my domain) for relaying
-> mail:
-> Received: from mailme.com (146.st-louis-71-72rs.mo.dial-access.att.net
-> [...]
-> He is sending thousands of emails to AOL users, who is then bouncing them
-> to me.
-> [...]
-> Thinking about this, there is no solution; here are my options:
->
-> 1) blackhole AT&T, which does nothing, since the mail is bounces coming
-> from AOL.
->
-> 2) blackhole AOL, which would fix my attack, but would break all
-> legitimate mail from/to AOL.
->
-> 3) temporarily blackhole mailme.com, which would prevent me from getting
-> the bounces, but then I can't send/get legit mail.

You forgot:

4) Deny relaying, which sendmail 8.9.1a will do by default (has worked
great for us so far), and

5) Deny access to dial-access.att.net (and dialsprint.net, da.uu.net,
pub-ip.psi.net, etc) which is what we're doing here just because we
get so much spam directly from such dialup accounts these days.

Anyone have a list of legitimate outgoing SMTP servers for the big dialup
companies (UUnet, PSI, Concentric, AT&T, Sprint, etc)? So far I haven't had
any complaints about blocking stuff like da.uu.net, but I'd like to make sure
that legitimate email can still get through.

-Robert Tarrall.-
System/Network Admin
E Central
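
Added example, not part of the original message: a small model of the two receiving-side policies named in the reply (option 4, deny relaying; option 5, refuse connections from dialup pools by reverse-DNS suffix). The suffixes and mailme.com come from the thread; the trusted network, IP addresses and sessions are constructed, and the reverse DNS name is assumed to be already resolved by the mail server.

```python
import ipaddress

# Added illustration, not from the original post. Domain suffixes and
# mailme.com come from the thread; networks and sessions are constructed.
LOCAL_DOMAINS = {"mailme.com"}                          # mail we accept for delivery
TRUSTED_NETS = [ipaddress.ip_network("192.0.2.0/24")]   # assumed: our own customers
DIALUP_SUFFIXES = ("dial-access.att.net", "dialsprint.net",
                   "da.uu.net", "pub-ip.psi.net")

def under(host, suffix):
    """True if host is suffix or a subdomain of it (label-boundary match)."""
    host = host.lower().rstrip(".")
    return host == suffix or host.endswith("." + suffix)

def decide(client_ip, client_rdns, rcpt):
    """Return (SMTP code, reason) for one RCPT TO from a connected client."""
    ip = ipaddress.ip_address(client_ip)
    trusted = any(ip in net for net in TRUSTED_NETS)
    # Option 5: refuse direct connections from known dialup pools.
    if not trusted and any(under(client_rdns, s) for s in DIALUP_SUFFIXES):
        return 550, "dialup pool blocked"
    # Option 4: deliver locally for anyone, relay onward only for trusted clients.
    if rcpt.rsplit("@", 1)[-1].lower() in LOCAL_DOMAINS:
        return 250, "local delivery"
    if trusted:
        return 250, "relay for trusted client"
    return 550, "relaying denied"

SESSIONS = [  # constructed (ip, reverse DNS, recipient) tuples
    ("203.0.113.7", "146.st-louis-71-72rs.mo.dial-access.att.net", "someone@aol.com"),
    ("198.51.100.9", "mail.example.net", "someone@aol.com"),
    ("198.51.100.9", "mail.example.net", "alex@mailme.com"),  # e.g. an inbound bounce
    ("192.0.2.10", "", "someone@aol.com"),
    ("198.51.100.20", "notda.uu.net", "alex@mailme.com"),     # not under da.uu.net
]

def run():
    return [decide(*s) for s in SESSIONS]

if __name__ == "__main__":
    for s, (code, why) in zip(SESSIONS, run()):
        print(code, why, s)
```

Both rules act on the connecting client and the recipient domain, so mail addressed to the local domain from a non-dialup server, which includes bounces, is still accepted.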