North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Time to check the rate limits on your mail servers

  • From: Raymond Dijkxhoorn
  • Date: Thu Feb 03 10:12:50 2005


CNET reports
that botnets are now routing their mail traffic through the local
ISP's mail servers rather than trying their own port 25

Both on ASRG and here on NANOG, many of us said many times, and most of the times people called me crazy;

1. Block port 25 for dynamic ranges - that will kill the current strain of worms.
2. It won't solve spam, and neither will SPF or anything else of the sort, as when you have 100K zombies, you don't need to act a server, you can use the real credentials for the user, and even if limited to a 1000 messages, that times 100K drones is...
Did you actially read the article? This was about drones sending out via its ISP mailserver. Blocking outbound 25 doesnt help a bit here. In general sure, good ide, and also start using submission for example. But in this contect its silly.