short Botnet list and Cashing in on DoS
Stephen J. Wilcox
steve at telecomplete.co.uk
Sat Oct 9 19:00:10 UTC 2004
On Sat, 9 Oct 2004, Gadi Evron wrote:
> Blocking port 25 for dynamic ranges means they can't send email, so that
> drone are pretty useless for spammers on that account. Trojan horses
> would have to use local information for the user's own account (from
> Outlook or such).
my users like being able to send email. i dont think this can work! (and there
are many legit reasons for not using our own smtp servers.. indeed we have custs
on other ISPs network who use our smtp server)
> ISP's could then, I suppose, limit every user to 5 emails a minute (or
> any other number).
5 emails or 5 recipients? i can send one email with hundreds/thousands of
rcpts.. and again, there are lots of legit reasons for sending a batch of emails
> That combined with domain-keys and sender-ID could make for a much
> prettier Internet, don't you think?
you mean SPF? i agree, use as many tools as are available in conjunction with
something like spamassassin to score mails as likely spam
> Abuse using port 25 is a major issue today, why not solve it? If a user
> wants it open, they could always ask for it or even pay more money.
> Perhaps move to a static IP?
there are many ways of sending spam that dont use port 25..
individual rules are costly to implement and users wont use a service where you
have to pay more for basic services
More information about the NANOG