Verizon has caused a lot of us a lot of problems and lost time over the past couple years with their weird blocking policies and difficult-to-contact mail admin people.

I'm working for a high-volume Imail "mail cleaning" client who was asked to save the mail flow of a domain that had been shut down by a very high volume, very distributed attack. IMGate saved the domain, but now we're trying to save IMGate! Just joking, IMGate is holding up extremely well.

Hanging up on a TCP session after 3 SMTP 5xx rejects (bad recip), and

hanging up on a TCP session when an IP has connected to IMGate more than 20 times in 30 minutes

... are the two extremely efficient policies that render the attack manageable.

We firewall-blocked the worst-of-the-worst Class C in Poland. For the last 3 days, the highest volume attack has been from the MTAs at our friends over at Verizon.

This report, for 00:00 to 10:30 Monday, is
1) the number of rejects of unknown recipient
2) per sending IP:

 831 big-1c.inet.it[213.92.5.8]:
 724 sv23pub.verizon.net[206.46.252.159]:
 723 vc01.odins.osaka-u.ac.jp[133.1.192.51]:
 717 sv10pub.verizon.net[206.46.252.146]:
 714 sv5pub.verizon.net[206.46.252.141]:
 714 sv19pub.verizon.net[206.46.252.155]:
 710 sv17pub.verizon.net[206.46.252.153]:
 704 sv9pub.verizon.net[206.46.252.145]:
 703 sv22pub.verizon.net[206.46.252.158]:
 702 sv7pub.verizon.net[206.46.252.143]:
 702 sv20pub.verizon.net[206.46.252.156]:
 701 sv4pub.verizon.net[206.46.252.140]:
 700 sv3pub.verizon.net[206.46.252.139]:
 700 sv27pub.verizon.net[206.46.252.163]:
 700 sv14pub.verizon.net[206.46.252.150]:
 698 sv6pub.verizon.net[206.46.252.142]:
 697 sv21pub.verizon.net[206.46.252.157]:
 697 sv11pub.verizon.net[206.46.252.147]:
 696 sv28pub.verizon.net[206.46.252.164]:
 696 sv25pub.verizon.net[206.46.252.161]:
 695 sv18pub.verizon.net[206.46.252.154]:
 694 sv8pub.verizon.net[206.46.252.144]:
 694 sv1pub.verizon.net[206.46.252.137]:
 692 sv16pub.verizon.net[206.46.252.152]:
 690 sv24pub.verizon.net[206.46.252.160]:
 687 sv15pub.verizon.net[206.46.252.151]:
 686 sv13pub.verizon.net[206.46.252.149]:
 682 sv26pub.verizon.net[206.46.252.162]:
 682 sv12pub.verizon.net[206.46.252.148]:
 656 mail2.intuit.com[12.149.175.12]:
 644 smtp-haw.frontbridge.com[12.129.219.126]:
 600 mail9.tpgi.com.au[203.12.160.104]:
 583 mail6.tpgi.com.au[203.12.160.113]:
 574 mail5.tpgi.com.au[203.12.160.101]:
 568 mail.acro.com[67.52.56.90]:
 565 mail7.tpgi.com.au[203.12.160.103]:
 560 smtp-out2.net.av.oleane.com[195.25.12.12]:
 521 mail4.tpgi.com.au[203.12.160.61]:
 507 capp.info[66.77.160.10]:
 501 webmail.thai.com[203.150.217.100]:
 486 unknown[204.9.125.51]:
 485 smtpout.colosseum.com[207.139.99.2]:
 482 ftp.esecurecare.com[206.126.160.95]:
 480 mail.abebooks.com[64.251.77.205]:
 476 unet-mx1.uk.clara.net[195.102.244.134]:
 473 mxout.iskon.hr[213.191.128.10]:
 473 mforward.dtag.de[194.25.242.123]:
 etc.

The report contains 145316 IPs.  :)  IMGate machine is 95% idle.  :)

Len
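
The two hang-up policies described in the post, as an added example that is not part of the original message and is not IMGate's own configuration or code: it replays a constructed log and returns each point where a session would be dropped. The line format, session ids, host names and the `evaluate` and `sample_log` names are assumptions made for the illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed line format (an assumption, not IMGate's real log format):
#   <ISO time> <session-id> connect <host>[<ip>]
#   <ISO time> <session-id> reply <SMTP code> <text>
LINE = re.compile(r"(\S+) (\S+) (connect|reply) (.+)")
CLIENT = re.compile(r"\[([0-9a-fA-F.:]+)\]$")
MAX_REJECTS = 3                   # hang up after 3 SMTP 5xx rejects in one session
MAX_CONNECTS = 20                 # hang up when an IP connects more than 20 times ...
WINDOW = timedelta(minutes=30)    # ... in 30 minutes

def evaluate(lines):
    """Return (time, ip, reason) for each point where a session would be dropped."""
    session_ip, rejects = {}, defaultdict(int)
    recent = defaultdict(deque)   # ip -> connect times still inside the window
    dropped, actions = set(), []
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue              # skip lines that are not in the expected format
        ts, sid, kind, rest = datetime.fromisoformat(m[1]), m[2], m[3], m[4]
        if kind == "connect":
            c = CLIENT.search(rest)
            if not c:
                continue
            ip = session_ip[sid] = c[1]
            q = recent[ip]
            q.append(ts)
            while ts - q[0] > WINDOW:     # slide the 30-minute window forward
                q.popleft()
            if len(q) > MAX_CONNECTS:
                dropped.add(sid)
                actions.append((ts, ip, "rate"))
        elif sid in session_ip and sid not in dropped and rest.startswith("5"):
            rejects[sid] += 1             # only 5xx replies count, not 4xx
            if rejects[sid] >= MAX_REJECTS:
                dropped.add(sid)
                actions.append((ts, session_ip[sid], "rejects"))
    return actions

def sample_log():
    """Constructed sample: one client hits 3 bad recipients, another connects 21 times."""
    t0 = datetime(2024, 1, 1)
    lines = [f"{t0.isoformat()} s0 connect mta.example.net[192.0.2.10]"]
    lines += [f"{(t0 + timedelta(seconds=i)).isoformat()} s0 reply 550 unknown recipient" for i in (1, 2, 3)]
    lines += [f"{(t0 + timedelta(minutes=i)).isoformat()} r{i} connect bulk.example.org[198.51.100.7]" for i in range(21)]
    return lines
```

On the constructed sample, the first client is dropped at its third 550 and the second at its 21st connection inside the window; a sender that spaces its connections out past the window is never dropped by the rate rule.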

