Email address obfuscation in effect -- please
click here to turn it off.
[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
I can agree with all of that. As long as you implement basic ingress and
egress filtering to block spoofing you're an alright ISP in my book . .
. that and the basic router hardening things - tcp/udp small servers,
icmp directed broadcasts, etc etc etc
-- Brent
-----Original Message-----
From: Spurling, Shannon [mailto:EMAIL:PROTECTED]
Sent: Wednesday, April 09, 2003 4:22 PM
To: MLUG Members
Subject: RE: [MLUG] More spam
Sounds like a firewall rule. Besides, how do you know it's 4000 e-mails
and not one large e-mail? And how do you know they are all from the same
e-mail address? Best case, we would see 4000 flows from a particular
e-mail server to another e-mail server on port 25. Worst case would be
that we would see one large flow between those two e-mail servers on
port 25. Either way, you can bet that blocking on a rule like that would
kill someone's traffic that may be perfectly valid.
The fact is that firewalls and filters are an enterprise level
application. They don't scale to ISP size. The other half of that is
that it requires something called state full inspection. Maintaining
state information at MOREnet's current traffic rates would fry a
supercomputer. Also, before implementing any type of filtering or
blocking service you must define your policy. Defining a policy for the
number and diversity of users we have would take an act of god. With all
this in mind, we leave the installation and control of such filtering
devices up to the individual customers, where such applications should
live. It's simply better that way. Trust me, it is.
Shannon Spurling
WAN Engineer -Specialist
MOREnet, Network Services, Core Network
3212 LeMone Industrial Blvd.
Columbia, MO 65201
Main:(573) 884-7200 Fax:(573)884-6673
EMAIL:PROTECTED
EMAIL:PROTECTED
-----Original Message-----
From: Matthew Ross [mailto:EMAIL:PROTECTED]
Sent: Wednesday, April 09, 2003 2:51 PM
To: MLUG Members
Subject: RE: [MLUG] More spam
I'm not talking about "this email has pr0n in it, delete it", I'm
talking about "this address sent over 4000 emails at once into our
system, block them".
> MOREnet doesn't filter your e-mail. We only filter our own.
> How and why would we be filtering your e-mail? That would be
> kind of rude. You have the right to receive all the Spam you
> would ever want. :-)
>
> Shannon Spurling
> WAN Engineer -Specialist
>
> MOREnet, Network Services, Core Network
> 3212 LeMone Industrial Blvd.
> Columbia, MO 65201
>
> Main:(573) 884-7200 Fax:(573)884-6673
>
> EMAIL:PROTECTED
> EMAIL:PROTECTED
>
>
>
> -----Original Message-----
> From: Matthew Ross [mailto:EMAIL:PROTECTED]
> Sent: Wednesday, April 09, 2003 1:09 PM
> To: MLUG Members
> Subject: RE: [MLUG] More spam
>
>
> Perhaps unrelated, but we've noticed a spike in spam mailings
> lately. I'm not sure if this means they've found a new way
> through Morenet's filters, or if (more likely, given the
> "service" we've recieved from them) they never had anything
> remotely excuseable as a filter, and its just the natural
> rhythem of spam.
>
> _______________________________________________
> members mailing list
> EMAIL:PROTECTED
> http://mlug.missouri.edu/mailman/listinfo/members
>
>
> _______________________________________________
> members mailing list
> EMAIL:PROTECTED
> http://mlug.missouri.edu/mailman/listinfo/members
>
_______________________________________________
members mailing list
EMAIL:PROTECTED
http://mlug.missouri.edu/mailman/listinfo/members
_______________________________________________
members mailing list
EMAIL:PROTECTED
http://mlug.missouri.edu/mailman/listinfo/members
_______________________________________________
members mailing list
EMAIL:PROTECTED
http://mlug.missouri.edu/mailman/listinfo/members
Home | FAQ | Server | Presentations | Mailing Lists/Archives | Member Tools | Links | Sponsors | Contact