ietf-asrg
[Top] [All Lists]

Re: [Asrg] Re: Asrg] My take on e-postage

2004-04-26 15:35:39
Only a few ISPs - the most savvy and network-oriented (as opposed to revenue-oriented) - seem to have any mechanism to detect and deal with zombies.

It's very hard to deal with in any definitive way. How do you distinguish
whether outgoing mail from a normally-reputable system is really still
legitimate?

You pick up the phone, and have a brief word with your customer. If he hasn't any idea why his box is spewing a thousand mails a minute, you have an opportunity to deal with the problem, starting with blocking his outgoing SMTP. If he *does* know about it, then it's his responsibility.

This isn't just hyperbole. This is roughly how my present ISP, Demon, says it handles excessive SMTP output. This is also how one of my previous ISPs alerted me to an inadvertent misconfiguration of my website, which was causing a type of DDoS on their webserver via a stack of poorly run Squid proxies.

--------------------------------------------------------------
from:     Jonathan "Chromatix" Morton
mail:     chromi(_at_)chromatix(_dot_)demon(_dot_)co(_dot_)uk
website:  http://www.chromatix.uklinux.net/
tagline:  The key to knowledge is not to rely on people to teach you it.


_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg



<Prev in Thread] Current Thread [Next in Thread>