[95494] in North American Network Operators' Group


Re: Slightly OT: Looking for an old domain for spam collection

daemon@ATHENA.MIT.EDU (Ken Simpson)
Wed Mar 28 12:09:41 2007

Date: Wed, 28 Mar 2007 09:05:45 -0700
From: Ken Simpson <ksimpson@mailchannels.com>
To: Douglas Otis <dotis@mail-abuse.org>
Cc: Tony Finch <dot@dotat.at>,
	"Chris L. Morrow" <christopher.morrow@verizonbusiness.com>,
	Nanog <nanog@merit.edu>
Reply-To: Ken Simpson <ksimpson@mailchannels.com>
In-Reply-To: <1175090055.5962.172.camel@dcore.sonic.net>
Errors-To: owner-nanog@merit.edu


> The conclusion of that thread can be found here:
> http://www.merit.edu/mail.archives/nanog/msg04555.html

Thanks!

> A word of caution.  When attempting to collect IP address based abuse
> information, spoofed BGP announcements MUST be tracked as well.  This
> topic or even mention of ASNs was excluded in the "Guidelines for
> Management of DNS-Based Reputation Systems for Email" written by Yakov
> Shafranovich, Nick Nicholas, Matt Sergeant, and Chris Lewis and
> published by Nick Nicholas on the ASRG reflector.  This paper ironically
> excluded the role of the provider.

We're not going to be using the data as a honey pot, so it won't
affect anyone's reputation. This is really just for "real-world" load
testing and evaluation of new techniques.

Our customers get lots of mail, but we have to be -- how shall I say
-- careful with it!

> A cooperative effort by providers is likely the _only_ viable solution
> for dealing with this chronic problem.  Targeted abuse is also unlikely
> to be detected from disposed MX domains, but will detect amateurs. 

I agree whole-heartedly. What is particularly missing IMHO is a
spoofed-BGP-route blacklist. Anyone making any progress on that sort
of thing?

Regards,
Ken

-- 
Ken Simpson, CEO
MailChannels Corporation
Reliable Email Delivery (tm)
http://www.mailchannels.com
