Attack of the Killer Spam

Eric Osborne osborne at
Wed Dec 31 01:17:41 UTC 1997

> NANOG folk:
> Over the past few weeks, I have noticed an influx of SPAM(tm) transmitted by
> UUNet dynamic IP dial-up users (read: MSN, Earthlink, GTE, etc.) and relayed
> using Earthlink SMTP relays.  Am I turning senile prematurely, or has anyone
> else noticed this influx?

Yeah, I've seen some of it.

> Also, how easy would it be for Earthlink and other nationwide "ISP's" (or
> more accurately, UU/PSI resellers) to do the following?  This would not stop
> SPAM(tm) dead in its tracks, but I figure it would make it easier to hold
> spammers accountable at least... unless, of course, they use throw-away
> accounts, in which case there is not much that can be done...
> - institute anti-spam rules on their SMTP relays, i.e. only relay mail
> reporting to be from and the virtual domains they host

Um..I think "the virtual domains they host" may be the tricky bit.  
I don't know how UU/PSI do their mail serving, but if Earthlink has its d/u
customers point to a UU/PSI relay for SMTP delivery, there's the matter of
keeping everyone's records up to date.

OTOH, if Earthlink (or whomever - Earthlink is just an example, here) points 
its customers towards something like for SMTP relay, see

> - only allow SMTP relaying from IP's assigned to *their customers*
> dynamically (cross-reference Radius logs?)

Good idea, although I think it may have some negative impacts on performance.
Again, there's also the matter of keeping everyone's records in sync. seems to have some basic relay filters in place, although
I'm not sure what their complete ruleset is.

Take a look at somebody like Xcom (hi, marty!) -  I'm not 
affiliated with them in any way, but it looks like what they do may be useful.
A Layer 2 approach means that you can assign only _your own_ IPs to dialin
customers, which cuts out the aforementioned Radius cross-reference.

> Constructive feedback would be greatly appreciated!  Together, we CAN make a
> difference.
> Regards,
> Adam


More information about the NANOG mailing list