Open relays and open proxies
John Payne
john at sackheads.org
Thu Apr 24 20:58:56 UTC 2003
--On Thursday, April 24, 2003 12:58 PM -0700 Joe St Sauver
<JOE at OREGON.UOREGON.EDU> wrote:
>
> Hi Adi,
>
># I am seeing an increasing number of hosts on our network become an open
># proxy. So far the response to this has been reactive, once I receive
># complaints from spam victims I deal with the source of the problem.
>
> The sheer act of having an abuse address and acting on reports received
> on it puts you a leg and a half up on a number of other service providers
> who have chosen to studiously ignore abused open proxies on their
> networks.
Yep
># Is there an accepted way of blocking open proxy and open relay traffic
># at the network edge?
...
> What's really needed is some way to take open proxy DNSBL data and
> instantiate a dump of that data onto a suitable appliance. It is probably
> too much state to burden a reasonable sized border route with, but you
> could imagine other devices that could probably handle it (at least for
> moderate speed flows), much as there are currently middle boxes which
> rip open packets to target peer to peer traffic.
FWIW, if you can handle an extra 40k or so prefixes, blitzed.org can
provide a BGP feed of their DNSBL (although the BGP talking machine is
currently down for hardware issues).
More information about the NANOG
mailing list