Hello
Daniel Lorch wrote:
> Now's the part I don't quite understand:
>
> 4. Because [someone] wants to stop this domain from working,
> the DNS servers for this Domain will be attacked (DDoS,
> whatever).
>
> I know that RBL servers are quite a popular target among black
> hats, but c'mon, since when do good guys (=the victims of spam)
> fight back like this?
I guess there are two other points which takes the DNS servers of
spammers (or the victim of a "hijacked" DNS server) down:
- The most MTAs which receives eMails checks if the sender domain really
can receive email. I often see the "reject=451 4.1.8 Domain of sender
address [EMAIL PROTECTED] does not resolve" in my logfile. This
happens, when the spammers DNS server times out. Some spammers try to
resend there mail in very short interval (a few minutes) and are
probably DDoSing their DNS servers this way. :)
- Somebody can ask the carrier/ISP to dissconnect the ("hijacked") DNS
servers, so they will practically disable the delivery of the spam mails
to MTAs which check if the domain can receive email.
This are probably enough reasons to close your DNS servers for all
external request expect for zones which it serves.
bye
Fabian
_______________________________________________
swinog mailing list
[EMAIL PROTECTED]
http://lists.init7.net/cgi-bin/mailman/listinfo/swinog
