Greenguy's Board - View Single Post

cd34 · 2005-03-22, 01:15 PM

If the zombie isn't listening for port 25, a connection refused will be granted almost immediately. No performance penalty whatsoever to the machine sending the spam.

If the cable/broadband providers start tarpitting or dropping inbound port 25 connections, your mail server will sit there waiting for an ACK for its SYN, and never get it -- thus, launching a mini-DOS on your own mailserver.

If the user had a firewall, and the provider didn't firewall, then they might see some alerts, but, the ones with the zombies probably aren't running firewall/up-to-date antivirus.

I doubt it will do much except sell product and boost IBM's bottom line for 'fighting' spam.

2005-03-22, 01:15 PM	#4
cd34 a.k.a. Sparky Join Date: Sep 2004 Location: West Palm Beach, FL, USA Posts: 2,396	If the zombie isn't listening for port 25, a connection refused will be granted almost immediately. No performance penalty whatsoever to the machine sending the spam. If the cable/broadband providers start tarpitting or dropping inbound port 25 connections, your mail server will sit there waiting for an ACK for its SYN, and never get it -- thus, launching a mini-DOS on your own mailserver. If the user had a firewall, and the provider didn't firewall, then they might see some alerts, but, the ones with the zombies probably aren't running firewall/up-to-date antivirus. I doubt it will do much except sell product and boost IBM's bottom line for 'fighting' spam. __________________ SnapReplay.com a different way to share photos - iPhone & Android