BCP38 thread 93,871,738,435 + SPF

Michael.Dillon at btradianz.com Michael.Dillon at btradianz.com
Fri Oct 27 15:53:15 UTC 2006

> > > How is this attack avoided?
> >
> > Sounds like the attack is inherent in SPF. In that case,
> how did the thread about dns providers and rfc compliance morph into SPF
> and spam discussions?

Ask Doug Otis. He stated that SPF sets the stage for DDoS 
attacks against DNS servers. Presumably he said this because
it points to another *COST* of DDoS that could be used as 
a business justification to implement BCP38.

Or you could look at it as a weakness of SPF that should be
used as a justification for discouraging its use. After all
if we discourage botnets because they are DDoS enablers, 
shouldn't we discourage other DDoS enablers like SPF?

--Michael Dillon

More information about the NANOG mailing list