(Somewhat pf relevant...)
--As off Monday, December 29, 2003 3:06 PM -0700, Edward A. Gardner is alleged to have said:
Is this simply recognizing the well-known non-routable IP addresses (10..., 192.168.., etc.) in the source address of an incoming connection to port 25? I don't see how that could ever happen. Is it scanning email headers for those addresses? I don't see that this would filter much of anything. One of the "ideological battle" messages blamed some part of this on NAT; I don't see where NAT has anything to do with this, as NAT is not the only source of dynamic addresses.
--As for the rest, it is mine.
My experience is that it is done by knowing which addresses are dynamic: Many ISP's directly list which IP addresses they assign dynamically, and for those that don't a watch of their customers will quickly tell you. People then block directly on those addresses: if a SMTP connection comes in from one it is dropped/blocked/slowed (depending on the Sysadmin's taste).
Basically, the sysadmin considers the known dynamically assigned IP addresses a form of extended non-routable IP addresses.
Daniel T. Staal
--------------------------------------------------------------- This email copyright the author. Unless otherwise noted, you are expressly allowed to retransmit, quote, or otherwise use the contents for non-commercial purposes. This copyright will expire 5 years after the author's death, or in 30 years, whichever is longer, unless such a period is in excess of local copyright law. ---------------------------------------------------------------
