|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical SORBS Scanning (unauthorized)
Ok, lets get back on topic: (some cisco config for network operators:) SORBS is relay testing again (see bounce below). BTW: for those networks that only feel comfortable blocking illegal activity, this is a violation of CAN-SPAM, because the message forges email headers, which is banned. You can access list the scanners by the following: access-list 104 deny ip 203.15.51.42 0.0.0.31 any Its more effective to block the DNS servers for the blacklist: access-list 104 deny ip host 194.109.9.11 any access-list 104 deny ip host 194.134.35.168 any access-list 104 deny ip host 194.134.35.204 any access-list 104 deny ip host 204.152.186.189 any access-list 104 deny ip host 203.15.51.34 any access-list 104 deny ip host 209.209.1.20 any access-list 104 deny ip host 209.142.2.10 any access-list 104 deny ip host 194.134.64.74 any access-list 104 deny ip host 128.193.0.30 any access-list 104 deny ip host 128.193.0.130 any Date: Wed, 30 Mar 2005 16:48:17 -0500 From: Mail Delivery Subsystem <[email protected]> To: [email protected], [email protected] Subject: Returned mail: Local configuration error The original message was received at Wed, 30 Mar 2005 16:44:45 -0500 from goliath.sorbs.net [203.15.51.42] ----- The following addresses had permanent fatal errors ----- <@[130.105.12.3]:[email protected]> ----- Transcript of session follows ----- 554 <@[130.105.12.3]:[email protected]>... Local configuration error -- Av8 Internet Prepared to pay a premium for better service? www.av8.net faster, more reliable, better service 617 344 9000 |