[69105] in North American Network Operators' Group
Re: Redirecting mail (Re: Throttling mail)
daemon@ATHENA.MIT.EDU (Adi Linden)
Thu Mar 25 14:51:55 2004
Date: Thu, 25 Mar 2004 13:51:13 -0600 (CST)
From: Adi Linden <adil@adis.on.ca>
To: Valdis.Kletnieks@vt.edu
Cc: nanog@merit.edu
In-Reply-To: <200403251941.i2PJfHjP003209@turing-police.cc.vt.edu>
Errors-To: owner-nanog-outgoing@merit.edu
> On the other hand, it's probably more effective to find some way of making the
> Cisco gear block outbound 25 from abusive machines. Transparently redirecting
> the traffic is evil unless you plan to take all responsibility for relaying the
> mail (including mail that has MAIL FROM/RCPT TO that you may not wish to
> relay).
Right now I am blocking all network access for ip addresses I receive
believeable abuse reports for. The big problem is that it is a manual
process that does not start until a PC has already sent a massive amount
of abusive mail. After all, it does take time to read and act upon abuse
reports. By forcing smtp through a specific server at least some proactive
measures are possible such as throttling abusive behaviour.
Adi
