Security of DNSBL spam block systems

• Previous message (by thread): Security of DNSBL spam block systems
• Next message (by thread): Security of DNSBL spam block systems
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 23 Jul 2002, Brad Knowles wrote:
> 	IMO, there is a serious risk of having DNSBL servers attacked and
> used as a DoS.

A slightly different sort of DOS from what you mean would be what we got a
few days ago. I got a call from our Noc about problems with our
old (but still online) incoming mail servers. They were taking about a
minute to put up their SMTP banner when you connected to them.

Turned out the problem was that we were using bl.spamcop.net which was
being DOSed at the time ( according to most reports, some said they had
upstream link problems ) .

The live servers are using spamassassin which has decent timeouts so they
were not affected. We try and slave as many RBLs as possible locally
to avoid these sort of problems.

-- 
Simon Lyall.                |  Newsmaster  | Work: simon.lyall at ihug.co.nz
Senior Network/System Admin |  Postmaster  | Home: simon at darkmere.gen.nz
ihug, Auckland, NZ          | Asst Doorman | Web: http://www.darkmere.gen.nz

• Previous message (by thread): Security of DNSBL spam block systems
• Next message (by thread): Security of DNSBL spam block systems
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]