27 Oct
2006
27 Oct
'06
11:53 a.m.
How is this attack avoided?
Sounds like the attack is inherent in SPF. In that case,
how did the thread about dns providers and rfc compliance morph into SPF and spam discussions?
Ask Doug Otis. He stated that SPF sets the stage for DDoS attacks against DNS servers. Presumably he said this because it points to another *COST* of DDoS that could be used as a business justification to implement BCP38. Or you could look at it as a weakness of SPF that should be used as a justification for discouraging its use. After all if we discourage botnets because they are DDoS enablers, shouldn't we discourage other DDoS enablers like SPF? --Michael Dillon