North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Time to check the rate limits on your mail servers

  • From: Douglas Otis
  • Date: Thu Feb 03 20:22:21 2005

On Thu, 2005-02-03 at 14:55 -0800, J.D. Falk wrote:
> On 02/03/05, "Hannigan, Martin" <[email protected]> wrote: 
> > ..or a cost issue. Most of these users are people who have
> > decided not to spend the $40 to defend their machine at home.
> So you educate them as to why it would be a good idea to keep
> their computer secure.
> But in the meantime, their machine is spewing garbage -- which,
> as many have said, is the operational issue at hand.

Solutions through diligent use of add-on products is not 100%.  Many
users spend $40 and diligently apply prophylactics, but still are
compromised.  Reinstalling over an existing installation does not ensure
removal.  Either way, this returns the OS to a vulnerable state, while
costing several frustrating hours.  Using a CD-ROM OS/App suite, such as
Knoppix, sounds promising for this headache.  It should be difficult to
corrupt an OS or application when on Read-Only media. :)

The number of zombies ensures rate limiting will not be effective
either.  Providers keeping their house in order in the face of this new
strategy may be assisted by domain signed mail.  This could serve to
block compromised accounts with help from the provider themselves.
Rejections from a third party will tell their clients they need a

The wack-a-mole game needs a more agile mallet.