[SLL] collaborate on a dnsbl?

Bill Campbell bill at celestial.com
Thu May 12 19:10:28 EDT 2005


On Thu, May 12, 2005, Russell Evans wrote:
>On Thu, 12 May 2005 13:23:55 -0700 (PDT)
>"Jeremy C. Reed" <reed at reedmedia.net> wrote:
>
>> I would extend this packet filter list to beyond just SSH. It would be
>> very useful for when Code Red/Nimda type worms and email virus
>> repeatedly attack.

The vast majority of spam and virus traffic would go away if ISPs did
elementary ingress and egress filtering at their border routers, and
limited outgoing SMTP traffic from their customers' systems to the ISP's own
mail servers unless the customer specifically asked to be unblocked.

We've been doing this type of filtering at the ISPs I've installed for over
a decade now, and never have had significant spam problems from their
customers.  The number of requests for unblocking SMTP in this time is so
low I don't remember the last time I had to do it (their commercial
accounts aren't blocked by default if they're running their own mail
servers).

>> Blocking at packet filter (or blackhole routing) level takes all load
>> off of the MTA and its related mail filtering.
>
>SPF seems a better way for blocking mail from infected hosts.
>http://spf.pobox.com/

Everything I've read about SPF leads me to believe that it's a Bad
Idea(tm), and causes more problems than it solves (e.g. it breaks things
like .forward files, and many legitimate virtual hosting systems).

Bill
--
INTERNET:   bill at Celestial.COM  Bill Campbell; Celestial Software LLC
UUCP:               camco!bill  PO Box 820; 6641 E. Mercer Way
FAX:            (206) 232-9186  Mercer Island, WA 98040-0820; (206) 236-1676
URL: http://www.celestial.com/

Marijuana will be legal some day, because the many law students
who now smoke pot will someday become congressmen and legalize
it in order to protect themselves.
		-- Lenny Bruce




More information about the linux-list mailing list