nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Open relays and open proxies

From: John Payne <john () sackheads org>
Date: Thu, 24 Apr 2003 20:25:52 -0400
--On Thursday, April 24, 2003 8:20 PM -0400 Jeff Kell <jeff-kell () utc edu> wrote: 



Rob Thomas wrote:

Hi, NANOGers.

] anyone who was facile with perl could transform a full list of open
relays ] or proxies into something that avibgpd could use, so that you
could...

If anyone can recommend a trusted list of proxies, we could provide
this data through something along the lines of the bogon route-server
project.


If we could somehow blackhole *only* SMTP inbound, that would be ideal,
That's easy... standard ACLs, however that only protects against open relays, does nothing about open proxies which are a MUCH bigger problem 


but I feel that blackholing all IP from/to those sites would be far too
much collateral damage.
On the plus side, things would get noticed by the owners of the 0wn3d boxes a lot quicker, and you wouldn't be aiding and abetting the skr1pt k1dd13s by letting the proxies run wild.
Previous By Date Next
Previous By Thread Next

Current thread: