North American Network Operators Group
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: BLS FastAccess internal tech needed

  • From: Suresh Ramasubramanian
  • Date: Thu Jan 12 22:49:23 2006
  • Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=H7gKOD6G5QaAjl62NSAb43b+RXDkPhrFLgb6apTA6kfg2BLyrXlr9bUwWQDEeI5YxZGfLkRRvaue3/DPZvcXhldyiW5dt6UptbjakWi8Qq3joj0uoR52OR7F+9Oieix3tDukMU28puLBAfFKSMY/RzZm/vpqPVs0qXTjlOc2a1M=
On 1/13/06, Todd Vierling <[email protected]> wrote:
> (Your new SMTP port filters put in today in the Atlanta market are a step in
> the right direction, but they are configured incorrectly:  They block
> outbound connections to port 25, which is good -- but they are also blocking
> *inbound* connections to a local SMTP receiver, which protects nothing and
> simply annoys those of us who have a clue.)

What they're *trying* to do is actually quite sensible, and beats
spammers trying to do asymmetric routing / source address spoofing
type stuff

I guess what they actually should do is filtering inbound connections
FROM port 25 to any port.

Thread starting from
http://www.merit.edu/mailinglist/mailarchives/old_archive/2005-01/msg00127.html for
example

And an example of how people get bitten without doing that ..

What Hank thought: http://www.cctec.com/maillists/nanog/current/msg03171.html

Actual issue: http://www.cctec.com/maillists/nanog/current/msg03232.html
(which is what it turned out to be .. unidirectional port 25 filtering
and a customer - nigerian spammer rather - who was sending out packets
through a satellite interface but with Hank's IP as the source IP)

srs
--
Suresh Ramasubramanian ([email protected])