Time to check the rate limits on your mail servers

Raymond Dijkxhoorn raymond at prolocation.net
Thu Feb 3 14:24:18 UTC 2005


Hi!

> http://news.com.com/Zombie+trick+expected+to+send+spam+sky-high/2100-7349_3-5560664.html?tag=cd.top

>> that botnets are now routing their mail traffic through the local
>> ISP's mail servers rather than trying their own port 25
>> connections.

> Now?  We (and AOL, and some other large networks) have been seeing
> this thing go on for over a year.

Indeed, we have also been seeing this for a long time now. Most of them are
specific spam runs towards the bigger players... (AOL and the like).

>> Do you let your customers send an unlimited number of
>> emails per day? Per hour? Per minute? If so, then why?

> One additional thing that I think wasn't mentioned in the article -
> Make sure your MXs (inbound servers) are separate from your outbound
> machines, and that the MX servers don't relay email for your dynamic IP
> netblock. Some other trojans do stuff like getting the ppp domain name
> / rDNS name of the assigned IP etc and then "nslookup -q=mx
> domain.com", then set itself up so that all its payloads get delivered
> out of the domain's MX servers

So the next article would say 'let's now all separate MX and SMTP servers'.
Still a LOT of large players are combining those two, giving trojans doing
the above scenario an open door.

Bye,
Raymond.
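
As an added illustration (not part of the original message), here is a sketch of the two checks discussed in this thread: per-customer sending limits per minute, hour and day, and spotting an inbound MX that relays for the dynamic IP netblock. The log format, host names, netblock and thresholds are all assumptions constructed for the example.

```python
import ipaddress
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed values for illustration; none of these come from the post.
DYNAMIC_NET = ipaddress.ip_network("192.0.2.0/24")  # customer dynamic pool
MX_HOSTS = {"mx1"}                                  # inbound-only servers
LIMITS = [("minute", timedelta(minutes=1), 5),      # max recipients per window
          ("hour", timedelta(hours=1), 50),
          ("day", timedelta(days=1), 200)]

# Constructed log: "<ISO time> <server> <client ip> <recipients> <local|remote>"
SAMPLE_LOG = """\
2005-02-03T14:00:00 smtp-out 192.0.2.10 2 remote
2005-02-03T14:00:20 smtp-out 192.0.2.10 2 remote
2005-02-03T14:00:40 smtp-out 192.0.2.10 2 remote
2005-02-03T14:05:00 mx1 192.0.2.20 1 remote
2005-02-03T14:06:00 smtp-out 192.0.2.30 1 remote
2005-02-03T14:07:00 mx1 198.51.100.7 1 local
"""

def analyse(log_text):
    """Return (rate_alerts, mx_relay_alerts) as sets of tuples."""
    history = defaultdict(deque)  # client ip -> (time, recipients) entries
    rate_alerts, mx_alerts = set(), set()
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 5:
            continue  # skip malformed lines
        ts, server, client, rcpts, dest = fields
        if ipaddress.ip_address(client) not in DYNAMIC_NET:
            continue  # only customer dynamic addresses are of interest
        when = datetime.fromisoformat(ts)
        # An inbound MX that accepts mail for a remote domain from the
        # dynamic pool is relaying for it.
        if server in MX_HOSTS and dest == "remote":
            mx_alerts.add((client, server))
        entries = history[client]
        entries.append((when, int(rcpts)))
        # Drop entries older than the longest window (the last in LIMITS).
        while when - entries[0][0] >= LIMITS[-1][1]:
            entries.popleft()
        for name, window, limit in LIMITS:
            if sum(n for t, n in entries if when - t < window) > limit:
                rate_alerts.add((client, name))
    return rate_alerts, mx_alerts

if __name__ == "__main__":
    print(analyse(SAMPLE_LOG))
```

The sketch assumes log lines arrive in chronological order and counts recipients rather than messages, since one message can carry many recipients.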


