[81236] in North American Network Operators' Group
Re: Verizon is easily fooled by spamming zombies (was: Re:
daemon@ATHENA.MIT.EDU (Christopher L. Morrow)
Wed Jun 1 14:36:02 2005
Date: Wed, 01 Jun 2005 18:29:39 +0000 (GMT)
From: "Christopher L. Morrow" <christopher.morrow@mci.com>
In-reply-to: <FD4C58BD-A724-4E6F-8C09-206D8A90E31D@ianai.net>
To: "Patrick W. Gilmore" <patrick@ianai.net>
Cc: nanog@nanog.org
Errors-To: owner-nanog@merit.edu
On Wed, 1 Jun 2005, Patrick W. Gilmore wrote:
>
> On Jun 1, 2005, at 1:54 PM, Christopher L. Morrow wrote:
>
> >> Received: from verizon.net ([63.24.130.230])
> >>
> >> (63.24.130.230 is 1Cust742.an1.nyc41.da.uu.net, HELO'd as
> >> 'verizon.net'
> >> and VZ still relayed it)
> >
> > keep in mind I'm just thinking out loud here, but is it possible that
> > verizon is using someone else for dial access in places? So,
> > perhaps these
> > are VZ customers doing the proper helo based on their funky mail
> > client?
>
> You might be right.
>
> I couldn't get to 63.24.130.230, but from my person server (which has
> no relation to VZ's network):
1Cust742.an1.nyc41.da.uu.net == 63.24.130.230
which is like:
22Cust55.tnt13.tco2.da.uu.net. == 67.206.50.55
*Cust***.DEV.HUB.da.uu.net == dialup user ip. Most times ppp customer,
most times a /24 (or like) per DEV... So, unless someone is logged in at
this time to: 63.24.130.230 there isn't anything to get to...
>
> patrick@p8.bos/1:59PM% telnet relay.verizon.net 25
> Trying 206.46.232.11...
> Connected to relay.verizon.net.
> Escape character is '^]'.
> 220 sv10pub.verizon.net MailPass SMTP server v1.2.0 - 013105113116JY
> +PrW ready Wed, 1 Jun 2005 12:59:33 -0500
> helo patrick.verizon.net
> 250 sv10pub.verizon.net
> mail from: patrick@verizon.net
> 250 Sender <patrick@verizon.net> OK
> rcpt to: patrick@ianai.net
> 530 5.7.1 Relaying not allowed: patrick@ianai.net
>
> This is much better than I originally thought.
>
> Still think they should allow sending mail from their network though. :)
>
'their network' I think is the problem for them, again I'm not a VZ
employee (yet?), but I'd bet they have several hundreds of blocks for DSL,
several DIAL providers and distributed smtp acceptance points for their
customers... It seems that SMTPAUTH would be a decent way to get this
resolved though (or ONE decent way).
