Is malicious asymmetrical routing still a thing?
johnl at iecc.com
Thu Mar 9 20:02:28 UTC 2023
Back in the olden days, a spammer would set up a server with a fast
broadband connection and a dialup connection, and send out lots of
spam over the broadband connection using the dialup's IP address. Since
mail traffic is quite asymmetric, this got them most of the broadband
speed, and when the dialup provider cancelled their service, they could
just dial into someone else. Or maybe work through that giant pile of
AOL CD-ROMs we all had. The broadband provider often wouldn't notice
since it wasn't their IP and they didn't get the complaints.

Is this still a thing? Broadband providers fixed this by some
combination of filtering port 25 traffic both ways, and BCP38 so you
can only send packets with your own address. Do providers do both of
these? More of one than the other? TIA.