*WARNING* Configuration of your router with the following file may cause multiple configuration errors. Do not configure your router with the following information. Recently today, Nap.Net's coprorate mail exhanger (does not support relaying) was e-mail bombed. Upon tracking this down, we found that the attack was sourcing from kaiwan.com. Our NOC contacted thier contact per InterNIC database, and asked them about the attack, thinking it might have been relayed through them or such. However, the nice gentleman on the phone (read irony into that please) said that that in fact was not the case. The had a script that when it identifies SPAM, it parses the header, retrieves the path of the spam, gets the contact info from the InterNIC database, and then sends multiple emails out to the path of the SPAM for each one received. An automated Denial of Service attack. How nice. Kaiwan.com has been completely uncooperative. Nap.Net has a strict AUP, and has agressively addressed any SPAM complaints addressed against any of it's downstream customers. However, unfortunately a customer must SPAM at least once before we can identify such SPAM. Automated scripts like this are of no help, and in fact possibly cause more harm than help. Just an FYI, it was either steam here, or add a network statement to my BGP config that contains more specific routes of kaiwan.com. This seemed a little less drastic. Chris A. Icide ---------------------------------------------------------------------- Chris A. Icide Genuity, Inc. / Nap.Net, L.L.C. Sr. Network Engineer 4041 North Central Ave. Suite 400 602-207-6409 Phoenix, AZ 85012 - Notice: NVRAM invalid, possibly due to write erase. Press RETURN to get started! - PGP Keys located at pgpkeys.mit.edu or http://nap.net/~chris/keys.html ----------------------------------------------------------------------