Open relays and open proxies

John Payne john at sackheads.org
Thu Apr 24 20:58:56 UTC 2003


--On Thursday, April 24, 2003 12:58 PM -0700 Joe St Sauver 
<JOE at OREGON.UOREGON.EDU> wrote:

>
> Hi Adi,
>
># I am seeing an increasing number of hosts on our network become an open
># proxy. So far the response to this has been reactive, once I receive
># complaints from spam victims I deal with the source of the problem.
>
> The sheer act of having an abuse address and acting on reports received
> on it puts you a leg and a half up on a number of other service providers
> who have chosen to studiously ignore abused open proxies on their
> networks.

Yep


># Is there an accepted way of blocking open proxy and open relay traffic
># at  the network edge?

...

> What's really needed is some way to take open proxy DNSBL data and
> instantiate a dump of that data onto a suitable appliance. It is probably
> too much state to burden a reasonable sized border route with, but you
> could imagine other devices that could probably handle it (at least for
> moderate speed flows), much as there are currently middle boxes which
> rip open packets to target peer to peer traffic.


FWIW, if you can handle an extra 40k or so prefixes, blitzed.org can 
provide a BGP feed of their DNSBL  (although the BGP talking machine is 
currently down for hardware issues).



More information about the NANOG mailing list