Spamhaus...

William Herrin bill at herrin.us
Wed Feb 24 09:48:48 CST 2010


On Wed, Feb 24, 2010 at 8:21 AM, Rich Kulawiec <rsk at gsp.org> wrote:
> On Sun, Feb 21, 2010 at 10:59:08PM -0600, James Hess wrote:
>> But if the origin domain has not provided SPF records,  there are some
>> unusual cases left open,  where a bounce to a potentially fake address
>> may still be required.
>
> Nothing stops an
> attacker from using a throwaway domain to send traffic to known
> backscatterers, who will then backscatter it to $throwawaydomain,
> whose MX's are set to $victim's MX's.

So? You, I and everyone else these days are no longer running open
relays. You don't host $throwawaydomain so the session will end at the
rcpt command. If someone merely wants to DDOS your server there are
far easier ways.

Regards,
Bill Herrin




>  it's never appropriate to respond
> to abuse with abuse.
>
> ---Rsk
>
>



-- 
William D. Herrin ................ herrin at dirtside.com  bill at herrin.us
3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
Falls Church, VA 22042-3004




More information about the NANOG mailing list