On 27 May 2022, at 16:57, Hans-Martin Mosner via mailop wrote:
> Whether blocking a whole ASN is more advisable than blocking a whole TLD is a
> matter of opinion - I've often seen that past spammer hosting in an ASN's IP
> space was a good predictor for future spamminess, but of course as with
For the record, yes.. place the blame where it should be, on the network
operator that allows it.. and Grant's suggestion is the better method if
you can implement...
Use 'detection' to find the bad guys, either by IP or ASN, insert those
into a a reputation list, even if it is only your
On Fri, 27 May 2022 15:22:29 -0600, Grant Taylor via mailop
wrote:
>Is there a reason that you (dynamically) re-configure your MTA(s) via a
>script verses configuring an upstream router to not route traffic from
>the IPs in their ASN?
>
>I'm just trying to understand and learn vicariously
On 5/27/22 3:10 PM, Michael Rathbun via mailop wrote:
I have a script that detects these guys when they fire up a new /24,
which happens about 1.3 times per week, and puts new rules in the MTA.
Is there a reason that you (dynamically) re-configure your MTA(s) via a
script verses configuring
On Fri, 27 May 2022 22:57:37 +0200, Hans-Martin Mosner via mailop
wrote:
>If you look up the MX records for these domains, you see a certain clustering
>around one provider. The IP addresses that
>I checked don't accept port 25 connections at this time, but probably they did
>when the spam
Am 27.05.22 um 21:38 schrieb Michael Rathbun via mailop:
Here are the domains this gang has used in the last seven days:
If you look up the MX records for these domains, you see a certain clustering around one provider. The IP addresses that
I checked don't accept port 25 connections at this