North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Time to check the rate limits on your mail servers

  • From: Gadi Evron
  • Date: Thu Feb 03 09:53:45 2005

[email protected] wrote:
CNET reports
that botnets are now routing their mail traffic through the local
ISP's mail servers rather than trying their own port 25
Both on ASRG and here on NANOG, many of us said many times, and most of the times people called me crazy;

1. Block port 25 for dynamic ranges - that will kill the current strain of worms.
2. It won't solve spam, and neither will SPF or anything else of the sort, as when you have 100K zombies, you don't need to act a server, you can use the real credentials for the user, and even if limited to a 1000 messages, that times 100K drones is...

The issue is numbers, and how to reduce them, not stop the tide.

Currently there is a discussion of this on Spam-Research [1], quite interesting.


1 - Spam-Research archives: