North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Response from Cyber Promotions (fwd)

  • From: Doug McIntyre
  • Date: Mon Apr 21 10:46:28 1997
  • Posted-date: Mon, 21 Apr 1997 09:35:36 -0500 (CDT)

> > Read the msg below from Cyberpromo.  It is valid for ISPs to block at the
> > router level as well as the sendmail level as per Cyberpromo's mail.  I
> > figured some people here may be interested in this. :-)
> > 
> > Hank Nussbacher
> > 

> This will not work if you have an off-site MX or you have an off-site MX
> that doesn't have the same packet filtering rules that you do.
> 
> It will time out to the first MX, and deliver to the next.  If that next MX
> is off-site, it will be delivered there and you will just get the spam
> via that route.. :/
> 
> It's best done with sendmail rules, I suppose.

> jamie g.k. rishaw <[email protected]> - Internet Access Group [www.iagnet.net]
>   - Cleveland-Pittsburgh-Detroit-Columbus-Akron-Toledo-Cincinnatti-Dayton -
> Corp: (800) 637 4IAG / (216) 623 3565. DID: (216) 902 5455. FAX (216) 623 3566.
> Personal: [email protected]@arpa.com || [email protected]@null.net (Remove second @, nonspammers) =)

But most of the bulk spammer programs out there don't follow MX
records. They blast directly into the sendmail port of the primary
machine, and if they can't do that, they leave it at that and move
on.. Blocking spam sites directly at the sendmail level (with
tcp_wrappers), does effectively block out bad domains. 

- - - - - - - - - - - - - - - - -