[SoCoSA/discuss] [NBLUG/talk] Sending to Comcast mailserver woes....
Steve S.
northbaygeek at gmail.com
Tue Nov 27 16:41:26 PST 2007
It'd be sucky to put in per-site allow's for "routine" (and
theoretically "standardized!") stuff like e-mail, but if you think
your prior "firestarter" script was notably more-secure, you might
consider it. You'd still be susceptible to SYN-flood and other
ICMP-based attacks if the sender was spoofing Comcast's mailservers,
but you'd get the rest of the bennie's of the firestarter scripts...
Try putting in ICMP-permit's for the 2 comcast addresses
"76.96.62.116" and "76.96.30.116"... at least, until you figure out a
"better" and/or "more right" solution.
Also note that this may be something temporary. Comcast may be
catching you (as per the articles you cite above) with bogus RST's, or
they may be trying to do something else, but either way it may be
something that goes away again.
- Steve S.
On Nov 20, 2007 9:50 AM, Mark Street <mark at oswizards.com> wrote:
> Did that already.
>
> With the basic bones firewall the queues are empty and life is good.
>
> Thanks,
>
> On Tuesday November 20 2007, Marshall McGowan wrote:
> > Comcast recently started getting a lot stricter about only accepting email
> > from servers with proper reverse DNS entries. You might want to check on
> > that. (They tend to reject things from hosts that look like generic ISP
> > pools to reduce their exposure to spam.)
>
> --
> Mark Street, D.C., RHCE
> CTO Alliance Medical Center
> http://www.oswizards.com
> http://www.alliancemed.org
> --
> "First they ignore you, then they ridicule you, then they fight you, then you
> win" - Gandhi
> "If you want truly to understand something, try to change it" - Kurt Lewin
> --
> Key fingerprint = 3949 39E4 6317 7C3C 023E 2B1F 6FB3 06E7 D109 56C0
> GPG key http://www.oswizards.com/pubkey.asc
>
> _______________________________________________
>
> SoCoSA discuss mailing list
> discuss at socosa.org
> Your address: northbaygeek at gmail.com
> http://socosa.org/mailman/listinfo/discuss
> http://socosa.org/mailman/options/discuss/northbaygeek%40gmail.com
>
More information about the discuss
mailing list