[96789] in North American Network Operators' Group
Re: Interesting new dns failures
daemon@ATHENA.MIT.EDU (Suresh Ramasubramanian)
Thu May 24 22:54:58 2007
Date: Fri, 25 May 2007 08:23:51 +0530
From: "Suresh Ramasubramanian" <ops.lists@gmail.com>
To: "John LaCour" <johnlacour@gmail.com>
Cc: "David Ulevitch" <davidu@everydns.net>,
"Douglas Otis" <dotis@mail-abuse.org>,
"Gadi Evron" <ge@linuxbox.org>,
"Chris L. Morrow" <christopher.morrow@verizonbusiness.com>,
nanog@merit.edu
In-Reply-To: <1ea4ea7a0705241504w5ce37c0eg82e2fab60769f7c5@mail.gmail.com>
Errors-To: owner-nanog@merit.edu
On 5/25/07, John LaCour <johnlacour@gmail.com> wrote:
> If you're an network operator and you'd consider null routing IPs
> associated with nameservers used only by phishers, please let me know
> and we'll be happy to provide the appropriate evidence.
Half of them are on fastflux so nullroutes wouldnt help. Some
mailservers (recent postfix) allow you to block by NS, or there's
always the good old expedient of bogusing these out in your bind
resolver config, or serving up a fake zone for them.
--
Suresh Ramasubramanian (ops.lists@gmail.com)
