[57846] in North American Network Operators' Group
Re: Open relays and open proxies
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Fri Apr 25 07:50:58 2003
To: Jeff Kell <jeff-kell@utc.edu>
Cc: Rob Thomas <robt@cymru.com>, NANOG <nanog@merit.edu>
In-Reply-To: Your message of "Thu, 24 Apr 2003 20:20:19 EDT."
<3EA87F43.1060607@utc.edu>
From: Valdis.Kletnieks@vt.edu
Date: Fri, 25 Apr 2003 07:50:19 -0400
Errors-To: owner-nanog-outgoing@merit.edu
--==_Exmh_-762694077P
Content-Type: text/plain; charset=us-ascii
On Thu, 24 Apr 2003 20:20:19 EDT, Jeff Kell said:
> If we could somehow blackhole *only* SMTP inbound, that would be ideal,
> but I feel that blackholing all IP from/to those sites would be far too
> much collateral damage.
Unfortunately, for many of these hosts, there's no motivation to fix
things until the collateral damage reaches the equivalent of having a
live hand grenade stuffed into an appropriate bodily orifice.
A lot of these are home systems - and the *quickest* way to get them
all fixed would be if the 10 top websites refused to talk to them if
they were known open proxies.
On my more cynical days, I'd even advocate not worrying about the fact
that home systems often have dynamic IP addresses - that provides MORE
motivation for the ISP to track down the real offender before they
start losing customers....
--==_Exmh_-762694077P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001
iD8DBQE+qSD6cC3lWbTT17ARAsNIAKDTUJJKcvAtdPSetHnYa0kTKauGUgCfYOqs
efLwW2d0pieHYS/T5ZiJjvA=
=2iaV
-----END PGP SIGNATURE-----
--==_Exmh_-762694077P--
