Re: Mudslicking to counter SPAM (was TARPIT)
> Relays are !NOT! innocent, they are so bad administrated, that they
> relay SPAM. Those sites deserve to become reinstalled.
They need to be sorted. DOSing them is probably not a reasonable
answer, although we may disagree on this. Continuing that specific
point is likely to be a religious war so I will respond no more on it.
Additionally some of the bounces will be coming from end systems not
involved in the relaying and completely innocent other than being
targetted as spam recipients. The numbers argument below applies to
them in orders of magnitude.
The *specific* example that was presented was one system that holds the
domain which is being used as the (forged) sender address for spam runs
through multiple relays.
There are multiple relays sending out spam. There is one of your
machine. Your box is receiving bounces for non-existant spam recipient
addresses from those relays. Attempting teergrubing is going to mean
that each of those relay boxes has a bunch of connections open to your
box. Now tell me who dies first in this scenario. Even if you manage
to take out one of the relays (and these are of course a set of moving
targets), they will be back at you in far too short a time.
You will do better to just RBL those hosts out completely - however
whether you can do this is a political issue on what level of anti-spam
regime you can take.
Your mudslicking approach is an example of a social/legal/political
answer to the problem - which you may recall is exactly what I
suggested needed to be done in my original message.
I would be very wary about transgressing libel laws in these cases -
many ISPs have more lawyers than clues.
[ - Opinions expressed are personal and may not be shared by VData - ]
[ Nigel Metheringham Nigel.Metheringham@VData.co.uk ]
[ Phone: +44 1423 850000 Fax +44 1423 858866 ]