Buying or Selling IPv4 Addresses?

Watch this video to discover how ACCELR/8, a transformative trading platform developed by industry veterans Marc Lindsey and Janine Goodman, enables organizations to buy or sell IPv4 blocks as small as /20s.

Avenue4 LLCRead Message Promoted Post

Home / Industry

DNS on Defense, DNS on Offense

Spam is a never-ending problem for service providers. Unfortunately criminals can still make money at someone else's expense so they persist in their mindless campaigns. The DNS is an integral part of well-established techniques for handling incoming spam, so unwanted mail doesn't get delivered to inboxes.

The other side of the problem is stopping outbound spam at its source, so it never leaves the network where it originates. Providers are interested in this for a bunch of reasons: if their network hits a blocklist it can prevent all emails from being received by organizations that use the blocklist. This diminishes the provider's reputation in the eyes of their peers — both literally and figuratively! There is also very real damage to the brand and typically real costs associated with support calls from unhappy users, lost customers, and wasted network resources.

Techniques for controlling outbound spam have mostly focused on managing port 25 traffic, but it's also possible to control outbound spam with the DNS. Since most spam today is sent by bot-infected hosts it's straightforward to use the DNS to identify which hosts on a network are communicating with known botnet command and control systems. It's equally easy to block these communication channels so infected systems can't get any instructions, so they can't send any spam. MX queries from infected hosts can also be blocked to prevent spam from being sent, or redirected to a mail gateway where the messages can be handled according to operator policies.

These two simple techniques can eliminate a huge proportion, up to 90%, of outbound spam with minimal false-positives. The impact on the DNS is minimal — and there is no need for additional equipment in the network, such as appliances. Nominum is hosting a webinar on this topic on April 24, 2012. It will provide details on the two techniques summarized above and describe how the solution can be deployed. Real-world data from two ISPs who have implemented this approach will be discussed as well as the advantages and disadvantages of this approach versus other techniques such as port 25 blocking or DPI.

Nominum

About Nominum – Nominum is the innovation leader in DNS software and Internet Activity Applications. The company's Vantio™ CacheServe software powers the Internet for the world's largest CSPs in 40 countries. Vantio™ ThreatAvert software arms CSP's with the power to stop the spread of inside threats such as botnets and DNS-based DDoS amplification attacks that could impact network availability and reputation. Nominum's N2 applications enable CSP's marketing and customer care teams to leverage subscribers' Internet Activity to better engage, build brand loyalty, improve marketing ROI, and open up new business models. Nominum is a global organization headquartered in Redwood City, CA. Visit Page

Related topics: DNS, Spam
SHARE THIS POST

If you are pressed for time ...

... this is for you. More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Vinton Cerf, Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Related

Topics

IP Addressing

Sponsored byAvenue4 LLC

Mobile Internet

Sponsored byAfilias

Cybersecurity

Sponsored byVerisign

DNS Security

Sponsored byAfilias

Promoted Post

Buying or Selling IPv4 Addresses?

Watch this video to discover how ACCELR/8, a transformative trading platform developed by industry veterans Marc Lindsey and Janine Goodman, enables organizations to buy or sell IPv4 blocks as small as /20s.