Mailing List SIMS@mail.stalker.com Message #14825
From: Bill Cole <listbill@scconsult.com>
Subject: Re: Authentication Attempts
Date: Tue, 30 Nov 2004 09:01:15 -0500
To: SIMS Discussions <SIMS@mail.stalker.com>
At 6:26 AM -0700 11/30/04, Warren Michelsen  imposed structure on a stream of electrons, yielding:
Is there nothing that can be done about spammer attempts to
authenticate so as to relay through my SIMS server? Nothing to temp
ban the idiot after xx failed attempts?

Do I just have to put up with it?

You could always try to track each one down to a responsible ISP that can act to stop that address from being used for that activity, but such ISP's are very rare these days and a lot of the attacks come from places like Korea and China where all of the ISP's simply refuse to accept any responsibility to police their networks in any way not ordained by law. At least the US and EU ISP's claim to have acceptable use policies and go through the motions of pretending to enforce them once in a while. It's usually worthwhile to report incidents to AOL and Earthlink, it can be intermittently and occasionally productive to report to the various US baby bell and cable ISP's. European, Australian,. and New Zealand ISP's are a mixed bunch. Hosting providers can be really good or actively cooperating with their miscreant customers. Providers of all sorts in most of the former Warsaw Pact nations, Asia, and Africa are uniformly worthless for abuse reporting. The Internet in most of Africa is run by the same quality of people who have been running everything else there for the past few decades, and it is no more useful to complain of online criminality to ISP's in Nigeria or Liberia than it is to report corruption to their legal authorities.


In the end, protecting your own network is something you have to do on your own,  and that may well mean doing something like I do: drop port 25 packets from 61/8, 210/7, 218/7, 220/7, and 222/8 at the router level, along with a lot of smaller ranges.  That's a choice to wall off a couple billion people from a mail server, but in the end, that may be the best choice until such time as Korea, China, and a lot of smaller nations develop a more sustainable  and neighborly approach to the Internet.
--
Bill Cole
bill@scconsult.com

Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster