Abuse procedures... Reality Checks

Fernando André fernando.andre at tvtel.pt
Thu Apr 12 10:14:54 UTC 2007



Citando Frank Bulk <frnkblk at iname.com>:
" but imagine how much work it
> would save their abuse department in the long run"

I think that Comcast trouble isn't has much has the company's affected I keep
the idea that the best is to rate limit incoming connections and a lot of
filtering to prevent the spam flood and keep hardware costs Low.

Placing the filtering on the user will make the user cry a lot against 
the ISP,
change ISP and keep the problem. They really don't care about their computer.

By using rate limit on incoming connections a lot of dynamic address's are
blocked.

"Additionally, upper management gives or takes away manpower many times 
without
the understanding of what 'should' be done to be a good netizen and this
defines how much effort can be spent on fixing the problems. "

This is the biggest problem "upper management" really doesn't care and 
the time
to use on this problems is not accounted.

So controlling the number of messages that leave your SMTP server is a 
solution
and PBL from spamhaus is a good thing ! SPF also good but will lead to 
complains
( tuff )

Blocking tcp destination port 25 to outside the network might work well 
on small
  and without concurrent ISP, on big ones I doubt it.

------------------------------------------------------------
Fernando Ribeiro
------------------------------------------------------------

----------------------------------------------------------------
http://www.tvtel.pt - Tvtel Comunicações S.A.




More information about the NANOG mailing list