DDoS Question

Martin Hannigan hannigan at gmail.com
Fri Sep 28 14:56:30 UTC 2007

On 9/28/07, Paul Ferguson <fergdawg at netzero.net> wrote:
> Hash: SHA1
> - -- "Hex Star" <hexstar at gmail.com> wrote:
> > This problem is easily solved by simply rejecting mail sent by servers on
> > dynamic IP ranges...
> Great. I guess we can all go home now. :-)

As long as we leave our wallets on our desks, no problem. :-)

Summary of private responses:

- Use LDAP
- Use regexp and kill, kill, kill
- Send me your data!

All very good suggestions, but I thought of that and I have a variety
of issues that limit me to my existing environment and do not allow
fast and easy deployment of enhancements. One being I'm tied into a
big OSS.

Over this year I've expended significant amounts of time and energy on
a problem that is created by people that are exploiting the Internet
for profit which the vast majority is either fraud or identity theft
oriented. Mail is a huge expense and sending it the way of usenet,
outsourced en-masse using cheap and fast OEM interfaces and services,
is the right thing to do.

After researching the outsourced mail options, I found that the market
is not mature or flexible enough yet. For example, we need the hook
into automated systems, we need some level of control for front line
support, and we need assurances that the provider will comply with the
laws of where *the subscribing network* may be regulated. Not another
country. If we get a subpoena or surveillance request, we need to be
in the loop since we (and you all) are regulated.

Google was my best hope and it was too bad they barely responded. The
application suite for ISP's might have been ok if it were tuned up a
little, or had more information and a real person running the program.
They seem to have the right idea. Throw massive reasons at the
problem, build user base, generate ad revenue to pay for it, and sell
services to others i.e. anti-fraud and anti-phishing.



More information about the NANOG mailing list