Interesting People mailing list archives
Re: My [Phil Karn] position on Comcastidiocy
From: David Farber <dave () farber net>
Date: Sun, 20 Jan 2008 06:54:12 -0800
________________________________________
From: Zach White [zwhite () darkstar frop org]
Sent: Sunday, January 20, 2008 9:33 AM
To: David Farber; Phil Karn
Subject: Re: [IP] My [Phil Karn] position on Comcastidiocy

Dave, for IP, if you wish.

On Sun, Jan 19, 2008 at 08:04:51PM -0500, Phil Karn wrote:
> Everybody seems to assume that blocking direct usage of port 25 somehow stops spam. BUT HOW??!? Exactly HOW does forcing outbound mail to take an unnecessary hop through the ISP's outbound MTA stop spam? Does the MTA have some sort of magic spam recognizer? If so, why can't it be used by every inbound MTA?
Blocking port 25 is not a perfect solution. Neither is filtering, turning off customers, or forcing everyone through a mail relay. However, these are the best solutions we currently have.

A computer connected to a standard 1.5mb/256k 24/7 internet connection can send millions of emails per month, by connecting directly to remote servers on port 25. By forcing them to use the ISP's mail relay we have severely reduced that number, and made it a lot easier for Comcast to detect customers sending more email than is reasonable for a single person to be sending.

We also don't need to do any filtering on Comcast's mail relay. Comcast can simply limit their customers to some reasonable number of messages per day. Can you honestly say you'll need to send more than 200 or 300 messages per day? What if that limit was 500 or 1000? If you really do send that many messages per day you're already beyond the usage level of a casual user, and should be using a more robust service.
> The closest thing we have to a magic spam recognizer is SpamAssassin. It (or an equivalent package) is ALREADY in use by nearly every inbound MTA. How does duplicating this function in an outbound MTA -- or even *having* mandatory outbound MTAs -- help the spam problem?
You're perfectly free to wear a gas mask. How does installing filters on my factory's smoke stack make a difference to you? It will just make it harder for me to produce my widget, which is in high demand! Besides, there are still cars so you still need to wear the gas mask, and carbon filters aren't 100% perfect anyway!

Like it or not, spam is network pollution. This situation affects more people than Comcast and its customers. Without the port 25 block, Comcast spews millions of spam emails per day from its network. With the port 25 block they can more easily catch and stop infected machines from sending spam 24/7, because they have a central place that email flows through.

I changed jobs 6 months ago, so I no longer run a corporate mail server. When I did, my daily spam report always included Comcast in the top 5 mail sources. I would love to see how those stats have changed since the block went into effect. I suspect that Comcast won't show up anywhere in that report now.
> Passive stream monitoring clearly requires far less resources than a mandatory MTA. MTAs are infamous resource hogs. Users often complain of long delays in their outbound mail, as can be expected when everyone is forced to use them for no good reason. Indeed, users should be actively ENCOURAGED to minimize their use of ISP resources by delivering their mail directly to its destinations when possible.
You have clearly never run a network as geographically diverse as Comcast's. What exactly about passive stream monitoring requires fewer resources? The fact that you have to put equipment at all your POPs? The fact that your core routers don't have the ability to both route traffic and mirror that traffic onto your monitoring network, so you have to push this out to your edge? The increased number of servers whose only job is to snoop on what your customers are doing? The additional configuration and complexity in your network?

Further, I would ask what the business advantage of this method is. The fact that this destroys your common carrier status? The potential this possibility leaves for future sniffing of other traffic? (Mr. Karn, can you explain to us why you viewed the Al Jazeera website in Farsi?) The potential uproar when a disgruntled employee exposes what you're doing in an unkind way?

To quote a popular phrase from NANOG, "I encourage all of my competitors to do this."

-Zach