North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: *** MAKE [email protected] DIE FAST!!! *** (fwd)
You can do the same stuff with sendmail allright. At least with the one found at ftp.cs.berkeley.edu. Dima Ehud Gavron writes: > > Personally I'm all for it. > > My company, ACES Research, uses the mailer from Innosoft > International, PMDF. > > It does application level refusals *PRIOR* to reception of > the mail. (Unlike sendmail which would accept the mail, > then return it). > > Try sending mail from *@aol.com to *@aces.com, and see what you get :) > > :-) > > Ehud > p.s. We do application-level filter as opposed to router-level > filtering because we want to log the connects/refusals as > they occur. (with sender/recipient attempted address) > > > > >I see the following kind of message on a regular basis. How long before > >this kind of thing starts to cause significant problems? And lest you say > >that xmission.com is only a small unimportant provider, I've seen much > >larger ones also saying they do this and not everybody is as selective > >about only blocking one port. > > >Michael Dillon - ISP & Internet Consulting > >Memra Software Inc. - Fax: +1-604-546-3049 > >http://www.memra.com - E-mail: [email protected] > > >---------- Forwarded message ---------- > >Date: Wed, 21 Aug 1996 15:38:19 -0600 (MDT) > >From: Pete Ashdown <[email protected]> > >Reply-To: [email protected] > >To: [email protected] > >Subject: *** MAKE [email protected] DIE FAST!!! *** > >Resent-Date: Wed, 21 Aug 1996 15:39:02 -0600 (MDT) > >Resent-From: [email protected] > > >We have seen an inordinate amount of spam email sourcing from Interramp.com > >and their customers. Despite frequent attempts to notify KEN ANDREWS, PSI, > >or any living soul at Interramp, our pleas have gone unanswered. As a > >result, *ALL* SMTP mail traffic from Interramp's networks has been blocked at > >the router level here. > > >I would encourage *EVERY* responsible ISP to do the same. Interramp does not > >appear to care about spam problems, and in fact has become a haven for this > >type of crap due to their complicity. > > >The following is instructions on how to block Interramp SMTP traffic on a > >Cisco: > > >Make an extended IP access list: > > >access-list 120 deny tcp 38.8.23.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.8.31.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.8.45.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.8.65.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.9.51.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.10.1.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.10.2.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.10.3.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.10.4.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.10.5.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.10.220.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.11.72.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.11.122.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.11.183.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.11.189.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.11.194.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.11.207.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.11.208.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.11.209.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.11.210.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.11.215.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.11.217.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.11.224.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.11.226.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.11.227.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.11.229.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.11.230.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.11.231.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.11.237.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.11.243.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.11.244.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.12.81.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.12.93.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.12.126.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.12.128.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.12.138.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.12.140.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.12.156.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.12.157.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.12.158.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.12.178.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.12.179.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.12.190.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.12.205.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.12.206.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.12.208.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.12.209.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.12.234.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.12.243.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.14.101.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.14.110.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.14.126.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.14.128.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.14.138.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.14.140.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.14.142.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.14.35.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.14.36.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.14.37.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.14.40.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.14.45.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.14.74.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.14.79.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.14.82.0 0.0.0.255 eq smtp any > >access-list 120 deny tcp 38.26.44.0 0.0.0.255 eq smtp any > >access-list 120 ip permit all all > > >Due to the fact that Interramp's networks are not contiguous in any apparent > >way, you have to block each one on a class C basis. If anyone sees any > >evidence otherwise, please let me know. Of course, it wouldn't be a bad idea > >to block all of 38.0.0.0 because PSI hasn't been cooperative either. > > >After the list is created, add it to your incoming interfaces with: > > >ip access-group 120 in > > >The 120 is arbitrary, it can be anything in the extended IP access-list range. > > >============================== ISP Mailing List ============================== > >Email ``unsubscribe'' to [email protected] to be removed. > >Don't post messages that just say ``me too''. > > - - - - - - - - - - - - - - - - -
|