North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Extreme spam testing

  • From: Robin Lynn Frank
  • Date: Mon Dec 22 12:58:48 2003

On Monday 22 December 2003 09:03 am, Chris Brenton  wrote:
> On Mon, 2003-12-22 at 11:04, Etaoin Shrdlu wrote:
> > Um, welcome to the world of spam nazis.
> I've seen returning MX queries and even source address validation, but
> never anything this excessive up till now. IMHO its hard to tell if they
> are looking for spam relays to reduce spam, or because they are looking
> to generate some spam themselves. ;-)
> >  I hate spammers. I loathe and
> > despise them. I hate njabl even more.
> Agreed. My spam is _my_ problem and fixing it should not include making
> it everyone else's problem. Forget whether its legal, its pretty
> inconsiderate as many environments flag this stuff as malicious so it
> triggers alerts.
> >  The last time I called their ISP to
> > complain, I was assured that I must have done something to deserve the
> > aggressive testing.
> As a follow up, it also looks like they did a pretty aggressive port
> scan of my system. Not sure how checking Telnet, X-Windows or RADIUS
> will tell them if I'm a spammer, but what ever.
> >  Well, nope, I didn't, and I don't. They just did it
> > again, and by "it", I mean that they hit every machine in my little
> > netblock
> I've tweaked my perimeter to return host-unreachables to all packets
> originating from their network (rate limited of course). If that stops
> them from accepting me mail, oh well I'll survive.
> Thanks for the confirmation,
> C

This is not the only list where this is occurring.  It has been happening on 
the spamtools list, as well.  We've now dropped them at the firewall.  No 
loss to us.
Robin Lynn Frank | Director of Operations | Paradigm-Omega, LLC