Patrick W. Gilmore
patrick at ianai.net
Sun Feb 21 13:16:58 CST 2010
On Feb 21, 2010, at 1:01 PM, William Herrin wrote:
> On Sun, Feb 21, 2010 at 9:10 AM, Rich Kulawiec <rsk at gsp.org> wrote:
>> Hint: nothing stops the spammers from pointing the MX records for their
>> throwaway domains at somebody else's mail servers. Among other things.
>> MANY other things, unfortunately.
> Clearly I shouldn't respond to any packets at all. After all, a bad
> actor can originate packets with a forged source address and I
> wouldn't want to abuse your network with unwanted echo-replies,
> syn-acks and rejs.
That is actually somewhat correct.
You should not randomly respond to packets at arbitrary rates. If you do, you are being a bad Netizen for exactly this reason. See things like amplification attacks for why.
Of course, if you can get proper responses, say TCP sequence numbers, proving the other side really is talking to you, then that limitation is removed.
More information about the NANOG