On Thu, 27 Jan 2000, Sean Clarke wrote:
> Be warn this hostname/ip have been causing me alot of grief.
>
> Host: 1Cust190.tnt1.iowa-city.ia.da.uu.net
Two things come to mind...
First, that's a uu.net dialup IP, so there's a good chance that the person
attacking your system has another IP address by now, and the person using
that IP address now is not the same person who was attacking.
Second, I prefer to disable access to every service other than WWW and
(maybe) FTP from *.da.uu.net entirely. Ditto for every other dynamic-IP
dialup address space I learn of.
This goes double for SMTP. Legitimate uu.net users for the most part use
uu.net SMTP servers to send mail. To my knowledge, every single
connection to my own port 25 from *.da.uu.net has been from a spammer.
There's a "dial-up list" blackhole system for SMTP, but I haven't been
able to get it to work. :-/ If anyone wants to share tips on configuring
this, I'm all ears!
Blocking access like this is a topic of some debate, but personally I
think it's worth the trouble. YMMV, it's your machine and your decision.
It's not just da.uu.net, of course. Some of the other "big" dialup
domains include:
popsite.net
dial-access.att.net
pub-ip.psi.net
dialsprint.net
dialup.earthlink.net
--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
