Re: [anti-spam-wg@localhost] European open proxy hijacking (not op, but op hijacking) - someone working on this?

To: Claes Tullbrink < >
From: amar < >
Date: Tue, 16 Sep 2003 15:01:57 +0200
Organization: Telia Net

Claes Tullbrink wrote:

> Don't know how many of you has observered (or more;) Ronald F.
> Guilmettes open proxy hijacking project, listing the most used
> providers (with their backbone) from where open proxies is feed (to be
> clear, that is: *not* the net with most open proxies, but the net
> *feeding* those open proxies on other nets).

Yes, I have seen it.

> A (volume) top 40 list is posted in NANAE and at least in some
> anti-spam mailing lists, and now at
> <www.monkeys.com/upl/top-20030912.post> as well.

I have seen that as well.

> Most (among those the top 12) is US, but there are some European as
> well. RFG may be a PITA, but his usually know what he talks about, and
> I think you'll agree that just stopping the open proxies isn't enough,
> new proxies are found and exploited each [whatever short period of
> time], but cut off the feeders, and maybe it will make a difference.

That is stepping into a tarpit that some providers
are carefull not to step into.  I knew that some
providers are filtering/blocking traffig from what
is considered "rough sites". But filtering is a
to hot potato to touch for some. 

> So:
> 
> telecomitalia.it / seabone.net
> Telia.net / mtu.ru
> MCI UK / RTComm.RU
> Sprintlink DE / Schlund.de

Hey, it's us ;-)

> ... anybody here knows if it's noticed and handled at those fine
> companies? Amar?

Yes. I belive that a lot is handled without the knowledge
of the public. But some providers maybe do more than
others.

Keep up the good work U and Your friends are doing Clas,

Regards

-- amar

Post To The List:

References:
- [anti-spam-wg@localhost] European open proxy hijacking (not op, but op hijacking) - someone working on this?
  - From: Claes Tullbrink

<<< Chronological >>>

Author Subject

<<< Threads >>>