On Wed, May 26, 2004 at 05:23:46PM -0500, Seth Goodman wrote:
From: Mark
Sent: Wednesday, May 26, 2004 4:33 PM
Seth Goodman wrote:
I am arguing that it is a useless
DDoS mechanism because it is trivial to terminate by refusing any
MAIL FROM:<> connection request.
As trivial as turning off mail altogether; but hardly a realistic
solution.
Not accepting null envelope senders will get you listed in RFC-ignorant.
If you refused CBV's as a matter of policy, or because of an uncooperative
philosophy, you deserve to be listed there. If you were to refuse CBV's
temporarily due to being DDoS'd through that mechanism, I'm sure you would
be delisted promptly, if you were listed at all. I don't think the people
who run RFC-Ignorant would insist that you keep a service running that was
the subject of a DDoS attack while the attack was in progress. Last time I
looked, they wore white hats :)
So, as I understand it, you are guilty of refusing to honor CBV until you
expend extra effort to get yourself delisted because someone else has
to be convinced that your reasons are OK with them?
Feh.
--
-=[L]=-