AT&T SMTP Admin contact?
Brad Laue
brad at brad-x.com
Wed Nov 25 00:06:42 UTC 2009
On 2009-11-24, at 6:15 PM, Valdis.Kletnieks at vt.edu wrote:
> On Tue, 24 Nov 2009 16:38:33 EST, Brad Laue said:
>
>> True, but wouldn't a blacklist of SPF records for known spam issuing
>> domains be a more maintainable list than an IP block whitelist?
>>
>> (I'm no doubt missing something very obvious with this question)
>
> 140M+ .com where a malicious DNS server in East Podunk can be authoritative for
> a domain actually in Bratslavia and domains are cheap and throw-away.
>
> 16M /24's, where you (mostly(*)) need to be able to actually route the packets,
> so if you have a /24 in Bratslavia, you need something resembling a router
> in Bratslavia as well, and somebody willing to light up the other end of
> the cable, and you need a way to make BGP announcements (legal or otherwise ;)
> to be able to exploit it.
>
> Choose wisely which you'd rather use for defense.
>
> (*) Mostly - though the BGP hack demonstrated at last year's DefCon
> did qualify as an Epic Win for kewl presentations. ;)
Ah, very true. Still really hoping to get in touch with someone from AT&T. :-)
Thanks for the info.
More information about the NANOG
mailing list