Comment spammers chewing blogger bandwidth like crazy

Ian Mason nanog at ian.co.uk
Mon Jan 15 15:01:58 UTC 2007


On 15 Jan 2007, at 00:43, Sean Donelan wrote:

>
> On Sun, 14 Jan 2007, Tony Finch wrote:
>> I would expect the lists of compromised hosts to be fairly  
>> effective -
>> open proxies of various kinds and perhaps botnet hosts. As for  
>> SMTP the
>> blacklists would only be a starting point that either provide a cheap
>> preliminary check or feed a more sophisticated filtering system.
>
> If you allow anonymous, unauthenticated access to any system it will
> be abused.  Auctions, blogs, chat, mail, phone, etc.  IP addresses
> have never been good authenticators for applications.

This is not true if you control the IP address space and the routers  
around it.
I mention this merely because "IP addresses have never been good  
authenticators"
or the like is becoming a truism. For ISPs with good source filtering  
in place
then IP addresses ARE good first level authenticators (e.g. filter lists
on management ports). Note: I say FIRST level authenticators; IP  
addresses are
obviously not suitable as the whole authentication process.

> Sending confirmation E-mail addresses aren't that much better.  And  
> blacklists will just continue to grow longer.
>
> How do you know your user?




More information about the NANOG mailing list