AT&T SMTP Admin contact?

Brad Laue brad at brad-x.com
Tue Nov 24 18:06:42 CST 2009


On 2009-11-24, at 6:15 PM, Valdis.Kletnieks at vt.edu wrote:

> On Tue, 24 Nov 2009 16:38:33 EST, Brad Laue said:
> 
>> True, but wouldn't a blacklist of SPF records for known spam issuing
>> domains be a more maintainable list than an IP block whitelist?
>> 
>> (I'm no doubt missing something very obvious with this question)
> 
> 140M+ .com where a malicious DNS server in East Podunk can be authoritative for
> a domain actually in Bratslavia and domains are cheap and throw-away.
> 
> 16M /24's, where you (mostly(*)) need to be able to actually route the packets,
> so if you have a /24 in Bratslavia, you need something resembling a router
> in Bratslavia as well, and somebody willing to light up the other end of
> the cable, and you need a way to make BGP announcements (legal or otherwise ;)
> to be able to exploit it.
> 
> Choose wisely which you'd rather use for defense.
> 
> (*) Mostly - though the BGP hack demonstrated at last year's DefCon
> did qualify as an Epic Win for kewl presentations. ;)

Ah, very true. Still really hoping to get in touch with someone from AT&T. :-)

Thanks for the info.




More information about the NANOG mailing list