[57840] in North American Network Operators' Group
Re: Open relays and open proxies
daemon@ATHENA.MIT.EDU (John Payne)
Thu Apr 24 20:26:28 2003
Date: Thu, 24 Apr 2003 20:25:52 -0400
From: John Payne <john@sackheads.org>
To: Jeff Kell <jeff-kell@utc.edu>, Rob Thomas <robt@cymru.com>
Cc: NANOG <nanog@merit.edu>
In-Reply-To: <3EA87F43.1060607@utc.edu>
Errors-To: owner-nanog-outgoing@merit.edu
--On Thursday, April 24, 2003 8:20 PM -0400 Jeff Kell <jeff-kell@utc.edu>
wrote:
>
> Rob Thomas wrote:
>> Hi, NANOGers.
>>
>> ] anyone who was facile with perl could transform a full list of open
>> relays ] or proxies into something that avibgpd could use, so that you
>> could...
>>
>> If anyone can recommend a trusted list of proxies, we could provide
>> this data through something along the lines of the bogon route-server
>> project.
>
> If we could somehow blackhole *only* SMTP inbound, that would be ideal,
That's easy... standard ACLs, however that only protects against open
relays, does nothing about open proxies which are a MUCH bigger problem
> but I feel that blackholing all IP from/to those sites would be far too
> much collateral damage.
On the plus side, things would get noticed by the owners of the 0wn3d boxes
a lot quicker, and you wouldn't be aiding and abetting the skr1pt k1dd13s
by letting the proxies run wild.
