[87190] in North American Network Operators' Group
Re: SMTP store and forward requires DSN for integrity (was Re:Clueless anti-virus )
daemon@ATHENA.MIT.EDU (Douglas Otis)
Fri Dec 9 13:02:56 2005
In-Reply-To: <Pine.NEB.4.63.0512091218330.2587@server.duh.org>
Cc: "Geo." <geoincidents@nls.net>, nanog@merit.edu
From: Douglas Otis <dotis@mail-abuse.org>
Date: Fri, 9 Dec 2005 09:59:52 -0800
To: Todd Vierling <tv@duh.org>
Errors-To: owner-nanog@merit.edu
On Dec 9, 2005, at 9:22 AM, Todd Vierling wrote:
> Actually, I get about ten to twenty times as much virus blowback as
> I get spam from trojan-zombie boxes.
>
> That's because the virus blowback comes from otherwise "reputable"
> MTAs, whereas the spam comes form zombies that are often already
> blacklisted, or are in known dynamic pools that are blocked here.
> Thus the zombies get blocked long before DATA, but the "reputable"
> MTAs sending the backscatter don't get caught so early.
I am having difficulty understanding why a one time investment in
Bounce-Address Tag Validation which can be in operation immediately
and offer 100% "blowback" protection from _all_ sources using trivial
resources is not being considered? The more who lock their back
door, the fewer times you will find miscreants checking to see that
it is locked.
-Doug
