Hi Grant, Thanks for your reply. Sure, I expect all sorts of folks (including spammers) to try to send email to my customers, as well as bad actors who will try to brute-force accounts. We all have lots of protections in place for those circumstances.
But IMHO, just opening up a connection on TCP port 25 repeatedly without actually trying to send an email inbound, or opening up a connection on TCP port 587 without trying to authenticate is not a legitimate nor legal use; it pretty much looks like an APT that's a prelude to a DDoS attack. So I asked Linode nicely to please take a look; they said they felt it was legitimate traffic because it's just "research" and not "malicious", and then I asked them to stop because we felt it wasn't legal (or give us their IPs so we could stop it), and they said no. If this behavior was coming from a single IP, or in sufficient volume, our protections would have already blocked the offending IPs. Since I have no way to vet the legitimacy of this organization, I asked here if anyone else has experience with them. Thanks again, Mark _________________________________________________________________ L. Mark Stone, Founder North America's Leading Zimbra VAR/BSP/Training Partner For Companies With Mission-Critical Email Needs ----- Original Message ----- From: "Grant Taylor via mailop" <mailop@mailop.org> To: "mailop" <mailop@mailop.org> Sent: Friday, May 6, 2022 1:13:54 PM Subject: Re: [mailop] Internet Research Project on Linode - Any Experience? On 5/6/22 10:33 AM, Jarland Donnell via mailop wrote: > Isn't that a bit of an overreaction? If you didn't want any undesirable > traffic you'd whitelist IPs in your firewall or run it on LAN. It's a > very standard expectation that other servers will hit yours without your > consent on the public internet. I too believe that having something connected to the Internet without a firewall (et al.) filtering the connections is implicit agreement for someone to connect to the port. If for nothing other than lack of steps to prevent them from doing so. In my opinion, being on the Internet is very much akin to being in public. You have exceedingly little, if any, expectation that someone won't try to connect to any port that they can communicate with. As a Linode user, I would also prefer it if you didn't block Linode addresses carte blanch. -- Grant. . . . unix || die _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
