Is malicious asymmetrical routing still a thing?

Christopher Morrow morrowc.lists at
Thu Mar 9 21:29:11 UTC 2023

On Thu, Mar 9, 2023 at 4:19 PM Christopher Munz-Michielin
<christopher at> wrote:
> Not this exact scenario, but what we see a lot of in my VPS company is
> people sending spam by using our VPS' source addresses, but routing
> outbound via some kind of tunnel to a VPN provider or similar in order
> to bypass our port 25 blocks.
> We've had to start blocking source port 25 to catch the replies from the
> recipient mail servers in order to prevent this kind of abuse.

commodity 'ip access' really is all the same (dial, dsl, cable, vpc) to folk
that do this sort of thing :(

More information about the NANOG mailing list