[Esd-l] badtrans ad infinitum

Christian Parigger cparigge at utsi.edu
Wed Nov 28 07:22:01 PST 2001

Hash: SHA1


 Your "sanitizer" has been very useful, yet I have 'imposed' a rather
stringent policy almost without
 relaxing things. Some actually object by having this protection, and
the ones that object have recently
 received and had blocked  badtrans. That's just the way things seem
to be in life. I fully appreciate 
your upgrades, yet certainly I am/ we are not 'infinitely' save.

 One idea would include the use of portsentry-alike protection for
flodding from certain sites, although
 I am not certain how to do that with email, viz. if more than
so-many "active emails" come from a site
 per hour or day, block the site (I'd know how to that with attacks
on ports to a reasonable degree).

 I/we have been flodded with Sircam back in July, whereby
"overfloweth" resulted in my/our quarantine. Therefore,
 the milder solution would perhaps be to blackhole (or bit-bucket
into /dev/null) active email received at a 
 set rate from certain sites (rather than blocking the whole site).


 P.S.: I'd be happy to send an e-mail as well, as long as we do not
generate an agreed DoS I'd have to say.
- ----- Original Message ----- 
From: "John D. Hardin" <jhardin at impsec.org>
To: "Email Security Discussion list" <Esd-l at spconnect.com>
Sent: Wednesday, November 28, 2001 8:49 AM
Subject: [Esd-l] badtrans ad infinitum

> My quarantine overfloweth.
> Does anybody know BillG's email address so we can all do something
> useful with these damned things?
> --
>  John Hardin KA7OHZ    ICQ#15735746   
> http://www.impsec.org/~jhardin/ 
>  jhardin at impsec.org                       pgpk -a
> jhardin at wolfenet.com 
>   768: 0x41EA94F5 - A3 0C 5B C2 EF 0D 2C E5  E9 BF C8 33 A7 A9 CE
> 76  
>  1024: 0xB8732E79 - 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873
> 2E79
> --------------------------------------------------------------------
> --- 
>   In 1998 more than three times as many people in the US were
> killed 
>   by incompetent physicians than were killed by handguns, yet the
>   President of the A.M.A. is adopting "gun safety" as his platform.
> --------------------------------------------------------------------
> --- 
>    1070 days until the Presidential Election
> _______________________________________________
> Esd-l mailing list
> Esd-l at spconnect.com

Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>


More information about the esd-l mailing list