[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: spam suggestion

To: Matti Aarnio <mea@nic.funet.fi>
Subject: Re: spam suggestion
From: Andy Poling <andy@realbig.com>
Date: Mon, 18 Aug 1997 18:23:03 -0400 (EDT)
cc: acli@mingpaoxpress.com, zmailer@nic.funet.fi
In-Reply-To: <19970818194726Z1395-16171+52@nic.funet.fi>

On Mon, 18 Aug 1997, Matti Aarnio wrote:
> > If the assumption that no decent site will
> > use a spammer's front as ns, this might prevent some unknown spammer
> > sites from spamming.
> > 
> > Does this make sense or will it work?
> 
> 	Yes, I have thought of implementing it, but in a bit
> 	different form...
> 
> 	Namely I thought of retrieving (daily) DNS zone files for
> 	COM, ORG, and NET from  rs.internic.net, and looking up
> 	from there those domains that have spam-heaven's as their
> 	NS server.  Then producing that into domain-list file,
> 	and feeding to the policy-maker.sh

You guys are scaring me.  The world of the NIC and DNS is just not that cut
and dried.  There is a problem here, opening the door to a denial of
service.  The NIC does not ask for confirmation/approval before using the
NS's listed on a new domain registration.  The denial of service goes
something like this:  I register my new spamming domain, giving the DNS
nameservers of an enemy in the listing, send out a spam, and watch all you
guys cut off mail to my enemy's domains.  This is over-simplified, but you
probably get the idea.

Real world example:  
I have a WSP client whose nameservers have been listed for bunches of
domains that are not actually used for anything but spamming - even though
they have nothing to do with the domains in question (and without their
permission).  And they have had a helluva hard time getting the NIC to
un-list their nameservers for the bogus/jerk domains.  Why did they list
their nameservers?  Probably because, once upon a time, they hosted one of
their sites... until they got kicked out for spamming.  Or maybe it was
malicious... who knows.  Want to guess how many nasty email message my
client is getting regarding spamming from domains with whom they have no
connection?...

Real world example #2:  
I had a former client who listed me as their technical contact for their
domain.  In the process, they gave a new postal address for me (their
address).  That was 1.5 years ago.  How many more years do you think it will
take me to get the NIC to change my postal address back to *my* address?
Want to guess where all of my paper bills and receipts from the NIC are
going?...

You cannot accept what the NIC gives as an accurate reflection of reality.
They just do whatever any screwball tells them to, and god help you if it
screws you up, because they're not very good at going back and fixing things
afterward...

Be careful when you use info from the NIC as a basis for automatic policy
enforcement.

-Andy

Global Auctions

References:
- Re: spam suggestion
  - From: Matti Aarnio <mea@nic.funet.fi>

Prev by Date: Re: smtpserver rejected something it should not..
Next by Date: Re: spam suggestion
Prev by thread: Re: spam suggestion
Next by thread: Re: smtpserver rejected something it should not..
Index(es):
- Date
- Thread