nanog mailing list archives
Re: Despamming wholesale dialup
From: "Scott Gifford" <sgifford () tir com>
Date: Thu, 29 Oct 1998 17:33:11 -0500
To address this i have proposed installing filters that will only allowthesefolks to connect to port 25 of the ISP that has bought the ports. This way they are not able
to
relay off of anyone elses machineThe problem is for companies like ours that live by selling mail acounts to users of other ISPs. They need POP and SMTP access to our mail servers,
from
whereever they are calling. We are running sendmail v8.9.1 with all the anti-relay stuff and RBL besides. The problem you have is the same one we
have
for secured SMTP, maybe easier. How do you tell the site is secure? In this case testing for open relays is well known. What I really suggest, and this takes some work on your part, is to contact the site's admin and inform them of their open-relay status. If they won't
close
the relay, block them. Alternatively, you can assume that if they haven't gotten their relays closed by now they are too clue-less to do so and block them immediately, with notification.
The problem is when the spam-bastard isn't relaying. We've been getting thousands of messages every week from spammers who buy dialup from various places, then connect directly to the destination mail server to deliver the mail. That's what this prevents. I don't know of any other method that does. An interesting answer to the problem you discussed above was suggested by somebody from the EFF at a spam BOF at USENIX this summer. He suggested that by default, you filter on port 25. But if somebody needs access for legitimate reasons, or even if they don't, have a letter they can fill out, sign, and send in which states that they will not send spam, subject to a $500/message penalty. Then if they do, just bill them. An alternative for you would be to run a mail server on a different port... -------Scott.
Current thread:
- Re: Despamming wholesale dialup, (continued)
- Re: Despamming wholesale dialup Steven J. Sobol (Oct 28)
- Re: Despamming wholesale dialup Roeland M.J. Meyer (Oct 28)
- Re: Despamming wholesale dialup Steven J. Sobol (Oct 28)
- Re: Despamming wholesale dialup Greg A. Woods (Oct 28)
- Re: Despamming wholesale dialup Phil Howard (Oct 28)
- Re: Despamming wholesale dialup Greg A. Woods (Oct 28)
- Re: Despamming wholesale dialup Phil Howard (Oct 28)
- Re: Despamming wholesale dialup Roeland M.J. Meyer (Oct 28)
- Re: Despamming wholesale dialup Greg A. Woods (Oct 29)
- Re: Despamming wholesale dialup Greg A. Woods (Oct 28)
- RE: Despamming wholesale dialup Sean Wade (Oct 29)
- Re: Despamming wholesale dialup Scott Gifford (Oct 29)
- Re: Despamming wholesale dialup Bryan Bradsby (Oct 29)
- Re: Despamming wholesale dialup Phil Howard (Oct 30)
- Re: Despamming wholesale dialup Bryan Bradsby (Oct 30)
- Re: Despamming wholesale dialup Henry Linneweh (Oct 30)
- Re: Despamming wholesale dialup scott w (Oct 30)
- Re: Despamming wholesale dialup Tim Pozar (Oct 30)
- Re: Despamming wholesale dialup Phil Howard (Oct 30)
- Re: Despamming wholesale dialup Bryan Bradsby (Oct 29)
- Re: Despamming wholesale dialup Phil Howard (Oct 30)
- Re: Despamming wholesale dialup Lyndon Nerenberg (Oct 30)
- Re: Despamming wholesale dialup Phil Howard (Oct 30)