nanog mailing list archives
Re: Time to check the rate limits on your mail servers
From: Patrick W Gilmore <patrick () ianai net>
Date: Thu, 3 Feb 2005 09:44:24 -0500
On Feb 3, 2005, at 9:30 AM, up () 3 am wrote:
One additional thing that I think wasnt mentioned in the article - Make sure your MXs (inbound servers) are separate from your outbound machines, and that the MX servers dont relay email for your dynamic IP netblock. Some other trojans do stuff like getting the ppp domain name / rDNS name of the assigned IP etc and then "nslookup -q=mx domain.com", then set itself up so that all its payloads get delivered out of the domain's MX serversEasier said than done, especially if you're a small ISP that's been doing POP before SMTP and changing this requires that every customer's settingsbe changed.
IMHO, if you are a small ISP and limit the # of e-mails per user per day, even to something like 1K, you probably don't have to separate the MX & SMTP servers. But that's me, others might still think you were being "irresponsible".
Is there any info on how this zombie is spread? ie, email worms, direct port attacks, etc. If the former, there's hope of nipping it in the budwith anti-virus filtering.
All of the above. -- TTFN, patrick
Current thread:
- Time to check the rate limits on your mail servers Michael . Dillon (Feb 03)
- Re: Time to check the rate limits on your mail servers Suresh Ramasubramanian (Feb 03)
- Re: Time to check the rate limits on your mail servers Raymond Dijkxhoorn (Feb 03)
- Re: Time to check the rate limits on your mail servers up (Feb 03)
- Re: Time to check the rate limits on your mail servers Patrick W Gilmore (Feb 03)
- Re: Time to check the rate limits on your mail servers Joe Maimon (Feb 03)
- Re: Time to check the rate limits on your mail servers J.D. Falk (Feb 03)
- Re: Time to check the rate limits on your mail servers Kevin (Feb 03)
- Re: Time to check the rate limits on your mail servers Michael . Dillon (Feb 03)
- Re: Time to check the rate limits on your mail servers Nils Ketelsen (Feb 03)
- Re: Time to check the rate limits on your mail servers Raymond Dijkxhoorn (Feb 03)
- Re: Time to check the rate limits on your mail servers up (Feb 03)
- Re: Time to check the rate limits on your mail servers John Levine (Feb 05)
- Re: Time to check the rate limits on your mail servers Suresh Ramasubramanian (Feb 03)
- Re: Time to check the rate limits on your mail servers Rich Kulawiec (Feb 03)
- Re: Time to check the rate limits on your mail servers Gadi Evron (Feb 03)