Is malicious asymmetrical routing still a thing?

Grant Taylor gtaylor at
Fri Mar 10 00:05:00 UTC 2023

On 3/9/23 2:19 PM, Christopher Munz-Michielin wrote:
> Not this exact scenario, but what we see a lot of in my VPS company is 
> people sending spam by using our VPS' source addresses, but routing 
> outbound via some kind of tunnel to a VPN provider or similar in order 
> to bypass our port 25 blocks.

I'd be curious what VPN providers they are using so that I could start 
blocking them.  That seems like another player in the criminal support 

> We've had to start blocking source port 25 to catch the replies from the 
> recipient mail servers in order to prevent this kind of abuse.


Grant. . . .
unix || die

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4017 bytes
Desc: S/MIME Cryptographic Signature
URL: <>

More information about the NANOG mailing list