Verizon is easily fooled by spamming zombies
Valdis.Kletnieks at vt.edu
Valdis.Kletnieks at vt.edu
Wed Jun 1 18:02:24 UTC 2005
On Wed, 01 Jun 2005 20:51:17 +0400, Gadi Evron said:
> > If the ISP wants to use SMTP AUTH or other mechanisms to lower abuse,
> > that's fine. But to say "only allow ISP.net from addresses - but allow
> > them from anywhere on the 'Net" is kinda ... silly.
>
> No, it makes perfect sense but that is the one thing I fear we'll have
> to agree to disagree on.
Nope, Patrick is right on this one. The ruleset that appears to be in effect
is:
"Anything from anywhere, even if it's from a hijacked box in Korea, can forward
through our server as long as it has a 'totallybusticated at ISP.net' From: on it,
but if one of our own customers tries to send through the server with a From:
that says 'customer at vanity.domain' they can't even if they pass an SMTP AUTH
check and prove they're ISP.net's customer..."
And that's borked and wrong.
> > The solution presented here is not only not a solution, it is also a
> > problem.
>
> Okay, then I suppose I don't understand the problem. How exactly do you
> mean?
See above - would you consider forwarding mail from outside ISP.net space
without an SMTP AUTH check just because it claims to be 'From @ISP.net'?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20050601/dc5ebd8b/attachment.sig>
More information about the NANOG
mailing list