[80231] in North American Network Operators' Group
Re: Port 25 - Blacklash
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Wed Apr 27 12:47:51 2005
To: Suresh Ramasubramanian <ops.lists@gmail.com>
Cc: Joel Jaeggli <joelja@darkwing.uoregon.edu>,
Daniel Golding <dgolding@burtongroup.com>,
Hank Nussbacher <hank@mail.iucc.ac.il>,
Adam Jacob Muller <adam@gotlinux.us>,
Nanog Mailing list <nanog@merit.edu>
In-Reply-To: Your message of "Wed, 27 Apr 2005 14:31:42 +0530."
<bb0e440a05042702013e37b5db@mail.gmail.com>
From: Valdis.Kletnieks@vt.edu
Date: Wed, 27 Apr 2005 12:45:31 -0400
Errors-To: owner-nanog@merit.edu
--==_Exmh_1114620331_11109P
Content-Type: text/plain; charset=us-ascii
On Wed, 27 Apr 2005 14:31:42 +0530, Suresh Ramasubramanian said:
> But with smtp auth, the infected user is stamped in the email headers,
> and all over my MTA logs, when a bot that hijacks his PC starts
> spamming.
Of course, the same ISPs that will use the ID in the email headers are,
by and large, the same ones that already know how to match the IP in the
headers to their radius/tacacs/etc logs....
--==_Exmh_1114620331_11109P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001
iD8DBQFCb8GrcC3lWbTT17ARAl/FAKD7UTMqdEBH4Fyl0pYTyKzcPHMwvgCbBDz2
nTPcUmra5hCOWnp8rhHFL5w=
=DSDW
-----END PGP SIGNATURE-----
--==_Exmh_1114620331_11109P--
