How do you stop outgoing spam?
Scott Francis
darkuncle at darkuncle.net
Tue Sep 17 18:10:40 UTC 2002
On Mon, Sep 09, 2002 at 06:15:12PM -0700, lear at cisco.com said:
>
> Rafi Sadowsky wrote:
> > Maybe I'm missing something obvious but do how you get rate-limiting per
> >TCP *flow* with Cisco IOS ?
>
> There is something called flow-based RED (FRED) but it consumes a whole
> lot of memory because you have to keep track of lots more state. I
> don't know about that code. At the least what you can do is use the
> rate-limit command and rate limit *all* outbound TCP/80 traffic (or for
> that matter all access-list captured traffic). Now, doing so will make
> any but the most trivial outbound TCP/80 absolutely painful, and will
> cause tail drop. See Cathy Wittbrodt's work in this space, which was
> presented at NANOG some time ago.
>
> Note, I'm not saying you should *do* this. It may be going a bit too
> far for anti-spam.
Exactly. If operators as a group would just take the most elementary of steps
to decrease spam (along the lines Paul suggested), the effects would be so
significant that I think we wouldn't be worrying about HTTP spam traffic (at
least for the time being). The fraction of spam traffic that runs over HTTP
rather than SMTP is, I suspect, rather small.
If anybody has numbers on this, I'd be interested in hearing them one way or
the other.
--
-= Scott Francis || darkuncle (at) darkuncle (dot) net =-
GPG key CB33CCA7 has been revoked; I am now 5537F527
illum oportet crescere me autem minui
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20020917/caa5e940/attachment.sig>
More information about the NANOG
mailing list