RE: How do you stop outgoing spam?

["Al Rowland" <alan_r1 () corp earthlink net>]

Kinda breaks broadband streaming audio/video in a Java/other web applet
though...among other things.

Best regards,
_________________________
Alan Rowland


-----Original Message-----
From: owner-nanog () merit edu [mailto:owner-nanog () merit edu] On Behalf Of
Iljitsch van Beijnum
Sent: Monday, September 09, 2002 3:50 AM
To: Hank Nussbacher
Cc: nanog () merit edu
Subject: Re: How do you stop outgoing spam?



On Mon, 9 Sep 2002, Hank Nussbacher wrote:

> The spamming is usually done (but not only) from an Internet cafe 
> where the spammer inserts a "spammer CD" and blasts away at open mail 
> relays.  When SMTP is blocked for that IP, they switch to HTTP and 
> send the spam via MSN, Yahoo, Hotmail, Kukamail, Outblaze, Safe-mail, 
> etc. to name just a few.  Blocking port 80 is harder since it requires

> maintaining an ever larger list of free public web based mail systems 
> or just block port 80 entirely.

You could traffic shape or rate limit the traffic towards port 80 to a
few kbps for each IP address that might be used for spamming. If you
allow small bursts (10 - 50k) this should be just fine for regular web
access, since for that outgoing traffic is minimal: just the HTTP
requests and ACKs. However, it will slow down spamming to at most a
couple dozen spams per minute after the first few that fill up the
configured burst size. I imagine this will make the spammers move on to
greener pastures.