Is malicious asymmetrical routing still a thing?
gtaylor at tnetconsulting.net
Fri Mar 10 00:05:00 UTC 2023
On 3/9/23 2:19 PM, Christopher Munz-Michielin wrote:
> Not this exact scenario, but what we see a lot of in my VPS company is
> people sending spam by using our VPS' source addresses, but routing
> outbound via some kind of tunnel to a VPN provider or similar in order
> to bypass our port 25 blocks.
I'd be curious what VPN providers they are using so that I could start
blocking them. That seems like another player in the criminal support
> We've had to start blocking source port 25 to catch the replies from the
> recipient mail servers in order to prevent this kind of abuse.
Grant. . . .
unix || die
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 4017 bytes
Desc: S/MIME Cryptographic Signature
More information about the NANOG