Posted to rec.crafts.metalworking
DoN. Nichols
OT - Got broadband?

On 2008-02-06, Michael A. Terrell wrote:
Jon Elson wrote:

Michael A. Terrell wrote:
"DoN. Nichols" wrote:


[ ... ]

I could really get behind such an effort! Actually, there is a method,
and it needs to be pushed forward. All ISPs would need to require all
email senders to validate their connection by password. Many in the
3rd world don't require this. Then, only documented subscribers could
send email, and the bevy of compromised machines that are currently
being exploited to send most of the CRAP would be disabled.


[ ... ]

I think there needs to be a 'handshake' between mail servers to
verify the IP address matches the server name.


There already is -- and it often fails. But because systems are
configured to give an internal name instead of their external one, valid
mail servers will fail this test.

And I get a lot of spam from sites where the "HELO" handshake
identifies it as an IP instead of a system name -- and that IP happens
to be the IP of one of my own mail servers. The MTA (Mail Transport
Agent) which I run also carefully makes note of the real IP from which
it is delivered, for addition to my blocking.

And I find systems which I have blocked by IP or by partial name
(such as taking something like 123-234-50-60.dhcp.some.domain and just
putting in ".dhcp.some.domain" in the block list since anyone who is on
a dhcp connection should not be running a mail server, since the IP can
change at any time) and I find in the console screen a bunch of refusals
going past and I check and discover that there have been 586 attempts
refused in the past day or less, and more coming, so I add that to the
route block -- where I tell the route system in my mail servers that the
path to that IP is through 127.0.0.1 (the local host and nothing else),
so any handshakes from such connections just die in my system and stop
filling up the log files. :-) I've got major parts of some countries
blocked that way -- and would have all parts if I had any way to look up
all of the IPs allocated to that country. A prime example is Korea,
from which I get nothing but spam and attempts to break into my systems
by trying thousands of passwords with hundreds of supposed user names,
most of which are highly unlikely to ever exist on my systems.

Enjoy,
DoN.

--
Email: | Voice (all times): (703) 938-4564
(too) near Washington D.C. | http://www.d-and-d.com/dnichols/DoN.html
--- Black Holes are where God is dividing by zero ---
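
The filtering described in the post above, as an added example that is not part of the original post or the poster's own configuration: refuse peers whose HELO claims to be one of your own IPs, refuse by reverse-DNS suffix, and count refusals per real peer IP to list candidates for a route block. The addresses, host names, threshold and function names are assumptions constructed for illustration; only the ".dhcp.some.domain" pattern comes from the post.

```python
import ipaddress
from collections import Counter

# Assumptions (constructed for this example): documentation-range addresses and names.
OWN_IPS = {ipaddress.ip_address("192.0.2.10")}
BLOCKED_SUFFIXES = (".dhcp.some.domain",)   # partial-name block, as in the post
ROUTE_BLOCK_THRESHOLD = 3                   # refusals before suggesting a route block

def helo_as_ip(helo):
    """Return the address if HELO is an IP literal ('1.2.3.4' or '[1.2.3.4]'), else None."""
    try:
        return ipaddress.ip_address(helo.strip("[]"))
    except ValueError:
        return None

def refusal_reason(peer_ip, helo, rdns):
    """Decide whether to refuse a connection; returns a reason string or None."""
    peer = ipaddress.ip_address(peer_ip)
    claimed = helo_as_ip(helo)
    # A remote peer that greets with one of our own addresses is lying.
    if claimed in OWN_IPS and peer not in OWN_IPS:
        return "helo-claims-own-ip"
    # Suffix match on the reverse-DNS name of the real peer address.
    name = (rdns or "").lower().rstrip(".")
    if any(name.endswith(s) for s in BLOCKED_SUFFIXES):
        return "rdns-suffix-blocked"
    return None

def route_block_candidates(connections, threshold=ROUTE_BLOCK_THRESHOLD):
    """Count refusals per real peer IP and list those at or above the threshold."""
    refused = Counter(ip for ip, helo, rdns in connections if refusal_reason(ip, helo, rdns))
    return sorted(ip for ip, n in refused.items() if n >= threshold)

# Constructed sample: (real peer IP, HELO argument, reverse-DNS name or None)
SAMPLE = (
    [("198.51.100.7", "[192.0.2.10]", None)] * 3
    + [("203.0.113.60", "pc.example", "123-234-50-60.dhcp.some.domain")] * 4
    + [("203.0.113.5", "mail.example.org", "mail.example.org")] * 5
    + [("198.51.100.99", "192.0.2.10", None)]
)

if __name__ == "__main__":
    for ip in route_block_candidates(SAMPLE):
        print("candidate for route block:", ip)
```

The block only lists candidates; applying the route block itself is left to the administrator, and the count is keyed on the real peer address rather than anything the peer claims in HELO.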