BLS FastAccess internal tech needed
Todd Vierling
tv at duh.org
Fri Jan 13 05:19:14 UTC 2006
On Fri, 13 Jan 2006, Suresh Ramasubramanian wrote:
> > (Your new SMTP port filters put in today in the Atlanta market are a step in
> > the right direction, but they are configured incorrectly: They block
> > outbound connections to port 25, which is good -- but they are also blocking
> > *inbound* connections to a local SMTP receiver, which protects nothing and
> > simply annoys those of us who have a clue.)
>
> What they're *trying* to do is actually quite sensible, and beats
> spammers trying to do asymmetric routing / source address spoofing
> type stuff
>
> I guess what they actually should do is filtering inbound connections
> FROM port 25 to any port.
That's why I said that it is misconfigured. The inbound packet filter has
the wrong matching criterion.
--
-- Todd Vierling <tv at duh.org> <tv at pobox.com> <todd at vierling.name>
More information about the NANOG
mailing list