nanog mailing list archives
RE: POP3 DoS attacks and mailanyone.net?
From: Winn Johnston <WJohnston () induscorp com>
Date: Tue, 1 Sep 2009 15:58:42 -0400
Issues with gmail.com here in DC Winn Johnston ________________________________________ From: up () 3 am [up () 3 am] Sent: Tuesday, September 01, 2009 3:28 PM To: nanog () nanog org Subject: POP3 DoS attacks and mailanyone.net? For the first time since I can remember, my POP3 server was effectively shut down by too many simultaneous connections today. The first fix I tried was to raise the number of connections from the default 40 to 100, but the problem soon returned. I finally ipfw'd off the offending IP (98.190.204.2 for anyone interested), then went to look for other possible offenders in the log. I noticed several thousand connections today to a few dozen former users from 4 IPs from 208.70.128.0/21. One of the users was actually legitimate. These IPs belong to mailanyone.net. The tech contact in their ARIN record is listed as: OrgTechHandle: BHE57-ARIN OrgTechName: Heitman, Bryan OrgTechPhone: +1-816-587-4700 OrgTechEmail: hostmaster () mailanyone net However, that phone number goes to a UPS store that has no idea what I'm talking about. I then dialed their suppseod NOC number: Comment: FuseMail, LLC Network Operations Center contact Comment: 877.888.3873 x3 I am on hold with that number right now with some very loud and annoying music. Can anyone offer any insight as to these people and how/who to deal with there? Would a provider be amiss to just block their entire /21? TIA, James Smallacombe PlantageNet, Inc. CEO and Janitor up () 3 am http://3.am ========================================================================= ______________________________________________________________________ This inbound email was scanned by MessageLabs _____________________________________________________________________ ______________________________________________________________________ This email was scanned by MessageLabs _____________________________________________________________________
Current thread:
- POP3 DoS attacks and mailanyone.net? up (Sep 01)
- RE: POP3 DoS attacks and mailanyone.net? Winn Johnston (Sep 01)
- Re: POP3 DoS attacks and mailanyone.net? Andrew Fried (Sep 01)
- RE: POP3 DoS attacks and mailanyone.net? Winn Johnston (Sep 01)