[99542] in North American Network Operators' Group
Re: DDoS Question
daemon@ATHENA.MIT.EDU (Ken Simpson)
Thu Sep 27 20:05:18 2007
Date: Thu, 27 Sep 2007 16:49:47 -0700
From: Ken Simpson <ksimpson@mailchannels.com>
To: Martin Hannigan <hannigan@gmail.com>
Cc: nanog@merit.edu
Reply-To: Ken Simpson <ksimpson@mailchannels.com>
In-Reply-To: <2d106eb50709271631jc78bc8egc2867b2ac06fd949@mail.gmail.com>
Errors-To: owner-nanog@merit.edu
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> They randomize the name on the subject line. Is this any particular
> virus/malware/zombie signature and any suggestion on how to defend
> against it besides what I'm already doing (which is all of the
> obvious, rbls, spam appliances, hot cocoa, etc.)?
>=20
> This happened right around the time I started securing the name server
> infrastructure with BIND upgrades and recursor/authoritative NS
> splitting. :-)
RBLs are only effective against perhaps 50% of spam traffic, because
so much of it comes from never-seen-before zombies. What appliances
are you running? You might want to look at some kind of edge email
traffic shaping layer.
Regards,
Ken
- --=20
Ken Simpson
CEO, MailChannels
Fax: +1 604 677 6320
Web: http://mailchannels.com
MailChannels - Reliable Email Delivery (tm)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFG/EGb2YHPr/ypq5QRAuKNAKCYqf7uVoJmSAdKSSFH1NOTsLsZ6gCgk1Id
7+dI9UOemZtgqAI5pM+LwY4=3D
=3DV0fG
-----END PGP SIGNATURE-----
