[59280] in North American Network Operators' Group
Re: ISPs are asked to block yet another port
daemon@ATHENA.MIT.EDU (Jack Bates)
Mon Jun 23 16:02:59 2003
Date: Mon, 23 Jun 2003 15:05:47 -0500
From: Jack Bates <jbates@brightok.net>
To: "Christopher L. Morrow" <chris@UU.NET>
Cc: Paul Vixie <vixie@vix.com>, nanog@merit.edu
In-Reply-To: <Pine.GSO.4.53.0306231942540.23433@rampart.argfrp.us.uu.net>
Errors-To: owner-nanog-outgoing@merit.edu
Christopher L. Morrow wrote:
> This is what our, atleast, abuse team calls 'fantasy mail'. There is a fix
> for it, port 25 in and out filtering for radius customers. The 'problem'
> as I understand it, is that the change would be a contract change so it
> has to wait for expiration of said contract to be enforced... :( Its a
> sucky world sometimes. Perhaps Paul complained to
> ATT/<other-unnamed-provider> with logs and such? :)
>
There is another fix for it. If neither provider allowed spoofing, then
the individual couldn't send spoofed packets out one way and allow the
syn/ack back via the other. Of course, there are better reasons for
spoof protection ingress/egress than a little port 25 traffic.
-Jack
