
nanog mailing list archives

Re: BLS FastAccess internal tech needed
From: Suresh Ramasubramanian <ops.lists () gmail com>
Date: Fri, 13 Jan 2006 09:16:12 +0530

On 1/13/06, Todd Vierling <tv () duh org> wrote:
> (Your new SMTP port filters put in today in the Atlanta market are a step in
> the right direction, but they are configured incorrectly:  They block
> outbound connections to port 25, which is good -- but they are also blocking
> *inbound* connections to a local SMTP receiver, which protects nothing and
> simply annoys those of us who have a clue.)

What they're *trying* to do is actually quite sensible, and beats
spammers trying to do asymmetric routing / source address spoofing
type stuff.

I guess what they actually should do is filtering inbound connections
FROM port 25 to any port.

Thread starting from
http://www.merit.edu/mail.archives/nanog/2005-01/msg00127.html for
example

And an example of how people get bitten without doing that ..

What Hank thought: http://www.cctec.com/maillists/nanog/current/msg03171.html

Actual issue: http://www.cctec.com/maillists/nanog/current/msg03232.html
(which is what it turned out to be .. unidirectional port 25 filtering
and a customer - Nigerian spammer rather - who was sending out packets
through a satellite interface but with Hank's IP as the source IP)

srs
--
Suresh Ramasubramanian (ops.lists () gmail com)
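
The three filter choices discussed in this message, modelled as an added example that is not part of the original post: a small Python rule evaluator run over constructed flows, showing which policy drops the return half of an asymmetric/spoofed SMTP session while leaving a customer's local SMTP receiver reachable. The policy names, flow names and port numbers are assumptions made for illustration, and the model is stateless and looks only at TCP ports on the customer line.

```python
from collections import namedtuple

# Direction is relative to the customer line: "out" = customer -> Internet.
Packet = namedtuple("Packet", "direction sport dport")

# Each policy is a list of DROP rules: (direction, header field, port).
# Names are hypothetical labels for the options discussed in the thread.
POLICIES = {
    "outbound_only": [("out", "dport", 25)],                    # unidirectional filter
    "as_deployed":   [("out", "dport", 25), ("in", "dport", 25)],  # as described by Todd
    "suggested":     [("out", "dport", 25), ("in", "sport", 25)],  # Suresh's suggestion
}

# Constructed sample flows (ephemeral ports are arbitrary).
FLOWS = {
    # Customer host connecting straight to a remote mail server.
    "direct_smtp_out": [Packet("out", 40000, 25)],
    # Remote client reaching the customer's own SMTP receiver, plus the reply.
    "local_receiver": [Packet("in", 40001, 25), Packet("out", 25, 40001)],
    # Reply from a remote mail server to a session whose outbound half left
    # through some other link with this line's address as the source.
    "spoofed_session_return": [Packet("in", 25, 40002)],
}

def passes(policy, pkt):
    """True if no drop rule in the named policy matches the packet."""
    return not any(
        pkt.direction == direction and getattr(pkt, field) == port
        for direction, field, port in POLICIES[policy]
    )

def evaluate():
    """Map policy -> flow -> True when every packet of the flow passes."""
    return {
        policy: {name: all(passes(policy, p) for p in pkts)
                 for name, pkts in FLOWS.items()}
        for policy in POLICIES
    }

if __name__ == "__main__":
    for policy, result in evaluate().items():
        print(policy, result)
```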
