Barry Shein <bzs(_at_)world(_dot_)std(_dot_)com> wrote:
Um, when have you ever seen a DDOS attack with thousands of computers
are spewing packets? Do you have an example?
<raises hand>
Also, what service is being denied?
SMTP.
Except it's not a DDOS attack, except as a broad-sweeping (and useful)
metaphor.
It's a DDoS attack.
For me, it got to the point where I couldn't afford to run sendmail,
as the machine would pretty much lock up. Once I installed a
non-bloated mailer, the machine became useable again. Then the spam
load went up by a factor of 10. So I installed a whitelist filter,
sending ICMP "port unreachable"s for people not on the whitelist. My
ISP called me, and said I was using too much bandwidth, so I stopped
sending ICMP's. Then the incoming TCP SYN's from spammers became too
much, and I gave up completely.
I pointed my MX at Nortel's spam trap at one point. Half of my spam
went there, and I doubled their spam load for the day. Unlike them, I
do NOT have 100's of 1000's of dollars to throw at the problem (or
even $1000's), so my ONLY option was to give up on the domain.
If the only thing you can do in response to spam is give up and walk
away, then it's a DDoS attack. This is the future of spam for
*everyone*. I was saying this 3-4 years ago, and almost no on
believed me. If we don't do SOMETHING to solve the spam problem, then
3-4 years from now, my current problems will seem minor, and NO ONE
will be using email.
That's the biggest reason why I've been supporting non-perfect
solutions: the options currently available are no email, or a
non-perfect anti-spam system. Wake up, people...
Alan DeKok.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg