do you use SPF TXT RRs? (RFC4408)

Suresh Ramasubramanian ops.lists at gmail.com
Mon Oct 4 16:05:12 CDT 2010


dig throwaway1.com NS
dig throwaway2.com NS

etc etc ... and then check_sender_ns_access in postfix, for example.

Scales much better than whackamoling one domain after the other on the same NS

On Mon, Oct 4, 2010 at 4:59 PM,  <Valdis.Kletnieks at vt.edu> wrote:
>
> 140 million .coms. Throw-away domains. I do believe that Marcus Ranum had
> "trying to enumerate badness" on his list of "Six stupidest security ideas".
> This won't scale as long as you have more spammers adding new domains faster
> than your NOC staff can add them to the blacklist.
>
> (And even centralized blacklists run by dedicated organizations haven't solved
> the problem yet, so I'm not holding my breath waiting for that to work out...)



-- 
Suresh Ramasubramanian (ops.lists at gmail.com)




More information about the NANOG mailing list