|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: ** Forged spamming going on
[email protected] wrote: -> some luser off of AT&T DIalup is using mailme.com (my domain) for relaying -> mail: -> Received: from mailme.com (146.st-louis-71-72rs.mo.dial-access.att.net -> [...] -> He is sending thousands of emails to AOL users, who is then bouncing them -> to me. -> [...] -> Thinking about this, there is no solution; here are my options: -> -> 1) blackhole AT&T, which does nothing, since the mail is bounces coming -> from AOL. -> -> 2) blackhole AOL, which would fix my attack, but would break all -> legitimate mail from/to AOL. -> -> 3) temporarily blackhole mailme.com, which would prevent me from getting -> the bounces, but then I can't send/get legit mail. You forgot: 4) Deny relaying, which sendmail 8.9.1a will do by default (has worked great for us so far), and 5) Deny access to dial-access.att.net (and dialsprint.net, da.uu.net, pub-ip.psi.net, etc) which is what we're doing here just because we get so much spam directly from such dialup accounts these days. Anyone have a list of legitimate outgoing SMTP servers for the big dialup companies (UUnet, PSI, Concentric, AT&T, Sprint, etc)? So far I haven't had any complaints about blocking stuff like da.uu.net, but I'd like to make sure that legitimate email can still get through. -Robert Tarrall.- System/Network Admin E Central
|