Stan Hoeppner wrote:
Dennis Guhl put forth on 3/8/2011 11:52 AM:
If you are blocked because of Spamhaus' PBL you are on an consumer
dial up (http://www.spamhaus.org/pbl/)
FYI, the PBL isn't limited to dynamic listings. Many corporations add
their unused IP space to the PBL, along with other IPs within their
netblocks that shouldn't be sending direct mail. They do this as part
of a multi-layered approach to network security, in addition to egress
filtering at the edge firewalls. One errant mouse click by an
apprentice/junior SA can accidentally disable an egress filter, as can a
botched firmware update on a firewall or router, etc, etc. If, when
such a thing occurs, you already have an internal spambot outbreak that
the firewalls/routers were containing...
I would have never considered this until one day the chief of network
security at Nortel informed me they do precisely what I described above.
Dorothy, you're not in Kansas anymore.
If the firewall is blocking an outbreak of spam bots from sending mail
to the outside, why did they not know and fix this? I mean is it so bad
that the whole network team can't contain it? And then someone botched
the firewall which allowed the spam to be sent? Nortel hmmm.
