How do you stop outgoing spam?

Barton F Bruce barton at gnaps.com
Tue Sep 10 17:48:45 UTC 2002





A twist we saw spammers using on dialup accounts in Miami could come to
cyber cafes and could be ugly.

They were dialing in and then using the IP address to send spam out some
other connection elsewhere where RPF wasn't in use. The return packets all
came back on their dialup into us, but bypassed our filters that were then
only on outbound packets.

Since these were wholesaled dial ports, we know there are no valid servers
customers needed in RIPE and APNIC blocks and in long ACLs blocking various
MSN servers, AND we know the dialup user's account. In a free cafe, you know
none of that.

Having an inbound mirror image of the outbound ACL helped initially, and
then a coworker crafted a reflexive access list that really stopped them.
Inbound packets had to have matching outbound ones or were tossed.

We had visions of their finding a $spam$ friendly ISP that would sell them a
SPAM OC-3 as long as he got no spam complaints. It could have served many
spam machines running with dynamic IPs from many different ISPs and many
user accounts on each - all at once.

In the free cyber cafe that does not NAT and that does not know who the
users are, there is potential for similar abuse.
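
Added example, not part of the original post and not the poster's configuration: a small Python model of the three filtering stages the message describes (ACL on outbound packets only, a mirrored inbound ACL, and a reflexive filter), run over constructed packets. The blocked prefix, addresses, ports and 300-second idle timeout are assumptions chosen for illustration.

```python
import ipaddress
from collections import namedtuple

# direction "out" = dial user -> Internet, "in" = Internet -> dial user
Packet = namedtuple("Packet", "direction src sport dst dport ts")

# Assumed stand-in for the static ACL's blocked remote ranges (documentation prefix).
BLOCKED = [ipaddress.ip_network("198.51.100.0/24")]

def in_blocked(ip):
    return any(ipaddress.ip_address(ip) in net for net in BLOCKED)

def outbound_only(p):
    """Static ACL applied to outbound packets only."""
    return "drop" if p.direction == "out" and in_blocked(p.dst) else "pass"

def mirrored(p):
    """Same static ACL, mirrored onto inbound packets."""
    remote = p.dst if p.direction == "out" else p.src
    return "drop" if in_blocked(remote) else "pass"

class Reflexive:
    """Mirrored static ACL plus state: inbound must match a recent outbound flow."""
    def __init__(self, idle_timeout=300.0):
        self.idle_timeout = idle_timeout
        self.flows = {}  # (user_ip, user_port, remote_ip, remote_port) -> last seen

    def check(self, p):
        if mirrored(p) == "drop":
            return "drop"
        if p.direction == "out":
            self.flows[(p.src, p.sport, p.dst, p.dport)] = p.ts
            return "pass"
        key = (p.dst, p.dport, p.src, p.sport)  # reverse the tuple for replies
        last = self.flows.get(key)
        if last is None or p.ts - last > self.idle_timeout:
            self.flows.pop(key, None)
            return "drop"
        self.flows[key] = p.ts
        return "pass"

# Constructed traffic seen on the dial port of user 192.0.2.10.
SAMPLE = [
    Packet("out", "192.0.2.10", 40000, "203.0.113.5", 80, 0.0),   # user browses
    Packet("in", "203.0.113.5", 80, "192.0.2.10", 40000, 0.2),    # matching reply
    Packet("in", "198.51.100.25", 25, "192.0.2.10", 40001, 1.0),  # blocked range, no outbound seen
    Packet("in", "203.0.113.77", 25, "192.0.2.10", 40002, 1.5),   # unlisted server, no outbound seen
    Packet("in", "203.0.113.5", 80, "192.0.2.10", 40000, 900.0),  # stale reply past idle timeout
]

def verdicts(policy):
    return [policy(p) for p in SAMPLE]
```

Only the reflexive filter drops the unmatched reply from the unlisted server; the mirrored ACL catches only replies from ranges it already lists.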





More information about the NANOG mailing list