ISPs are asked to block yet another port
Jack Bates
jbates at brightok.net
Mon Jun 23 20:05:47 UTC 2003
Christopher L. Morrow wrote:
> This is what our, atleast, abuse team calls 'fantasy mail'. There is a fix
> for it, port 25 in and out filtering for radius customers. The 'problem'
> as I understand it, is that the change would be a contract change so it
> has to wait for expiration of said contract to be enforced... :( Its a
> sucky world sometimes. Perhaps Paul complained to
> ATT/<other-unnamed-provider> with logs and such? :)
>
There is another fix for it. If neither provider allowed spoofing, then
the individual couldn't send spoofed packets out one way and allow the
syn/ack back via the other. Of course, there are better reasons for
spoof protection ingress/egress than a little port 25 traffic.
-Jack
More information about the NANOG
mailing list