Open relays and open proxies

• Previous message (by thread): Open relays and open proxies
• Next message (by thread): Open relays and open proxies
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

--On Thursday, April 24, 2003 8:20 PM -0400 Jeff Kell <jeff-kell at utc.edu> 
wrote:

>
> Rob Thomas wrote:
>> Hi, NANOGers.
>>
>> ] anyone who was facile with perl could transform a full list of open
>> relays ] or proxies into something that avibgpd could use, so that you
>> could...
>>
>> If anyone can recommend a trusted list of proxies, we could provide
>> this data through something along the lines of the bogon route-server
>> project.
>
> If we could somehow blackhole *only* SMTP inbound, that would be ideal,

That's easy... standard ACLs, however that only protects against open 
relays, does nothing about open proxies which are a MUCH bigger problem

> but I feel that blackholing all IP from/to those sites would be far too
> much collateral damage.

On the plus side, things would get noticed by the owners of the 0wn3d boxes 
a lot quicker, and you wouldn't be aiding and abetting the skr1pt k1dd13s 
by letting the proxies run wild.

• Previous message (by thread): Open relays and open proxies
• Next message (by thread): Open relays and open proxies
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]