Extreme spam testing
andy at xecu.net
Mon Dec 22 18:46:59 UTC 2003
On Mon, 22 Dec 2003, Chris Brenton wrote:
> > I hate spammers. I loathe and
> > despise them. I hate njabl even more.
> Agreed. My spam is _my_ problem and fixing it should not include making
> it everyone else's problem. Forget whether its legal, its pretty
> inconsiderate as many environments flag this stuff as malicious so it
> triggers alerts.
Hmm...actually, YOUR spam is MY problem. That's how this works.
I applaud njabl.
If you have open relays, proxies, or whatnot, I want to know about it, so
I can reject all mail from you. If we have a single entitity that does all
this scanning, we as individual entities do not need to scan ourselves.
Therefore, njabl is REDUCING the number of people scanning your netblocks
for proxies. If they didn't do it for me, I'd be doing it myself, along
with numerous other networks.
> As a follow up, it also looks like they did a pretty aggressive port
> scan of my system. Not sure how checking Telnet, X-Windows or RADIUS
> will tell them if I'm a spammer, but what ever.
proxies, proxies, proxies. But like you say, "whatever". It's not like you
would have noticed if you didn't obsessively scan your logfiles or have an
> > Well, nope, I didn't, and I don't. They just did it
> > again, and by "it", I mean that they hit every machine in my little
> > netblock
> I've tweaked my perimeter to return host-unreachables to all packets
> originating from their network (rate limited of course). If that stops
> them from accepting me mail, oh well I'll survive.
In the old days, when Abovenet and ORBS (I think, could be wrong, been
awhile) got into it, and ORBS (or whoever) blacklisted Abovenet's IP space
because they were firewalled, that was simply petty and stupid.
NJABL will not list you for preventing them from scanning your servers.
Is Jon aggressive? Yes. Is he a dickhead? No.
More information about the NANOG