Attack of the Killer Spam

Wayne D. Correia wayne at
Wed Dec 31 01:10:18 UTC 1997

At 4:42 PM -0800 12/30/97, Adam Rothschild wrote:
>NANOG folk:
>Over the past few weeks, I have noticed an influx of SPAM(tm) transmitted by
>UUNet dynamic IP dial-up users (read: MSN, Earthlink, GTE, etc.) and relayed
>using Earthlink SMTP relays.  Am I turning senile prematurely, or has anyone
>else noticed this influx?
>Also, how easy would it be for Earthlink and other nationwide "ISP's" (or
>more accurately, UU/PSI resellers) to do the following?  This would not stop
>SPAM(tm) dead in its tracks, but I figure it would make it easier to hold
>spammers accountable at least... unless, of course, they use throw-away
>accounts, in which case there is not much that can be done...
>- institute anti-spam rules on their SMTP relays, i.e. only relay mail
>reporting to be from and the virtual domains they host
>- only allow SMTP relaying from IP's assigned to *their customers*
>dynamically (cross-reference Radius logs?)
>Constructive feedback would be greatly appreciated!  Together, we CAN make a

We require all of our cutomers' users to authenticate themselves, i.e.,
their current IP address with us via a POP connection before they're
allowed to use our SMTP servers. Once a successful POP login has been
completed, that "authorization" is good for 30 minutes.

Because we've done this, our service has been 100% free from unauthorized
relaying while at the same time keeping our relays totally open for our
customers' customers  no matter where they've connecting. This was
essential for us to implement because we're a mail service provider for
Internet service providers, all of our direct customers are ISPs, and we
have no control over the networks that those ISPs' users come in from.

Wayne D. Correia        Critical Path Inc.       tel: +1-415-543-2800
CTO                     320 First Street         fax: +1-415-543-2830
                        San Francisco, CA 94105  pcs: +1-415-826-6000
"we handle the world's email"	

More information about the NANOG mailing list