Re: How do you stop outgoing spam?

[Scott Francis <darkuncle () darkuncle net>]

On Tue, Sep 17, 2002 at 08:35:03PM +0200, brad.knowles () skynet be said:
[snip]
> > Much more complex to implement and manage; doesn't scale well. The fewer
> > decisions the anti-spam system has to make, the better it will work. If it
> > only has to decide whether or not a specific IP/port combination has 
> > exceeded
> > a certain threshold, it will run much more smoothly than if it's examining
> > the contents of each packet.
>
>       Indeed, that will be a lot more scalable.  But if you still have 
> to look into each packet to see which ones are link encrypted (and 
> therefore should be left alone) and which ones aren't (and therefore 
> should be transparent proxied and/or traffic-shaped), that is quite a 
> bit more work.
>
>       The question is how much abuse is too much?  Is it okay to allow 
> all open port 25 connections (traffic-shaped to low average 
> bit-rates), or is any abuse too much?

Even the best solution will only approach 100% effectiveness as a limit. As
in many things, it's a tradeoff - how much hassle are you willing to undergo
for a steadily-diminishing return, 80/20 rule, etc. Personally, I'd be happy
for 80% of the operators out there to implement the easiest 80% of things
required to stop spam. If people would just take even the most basic of steps
required to block spam, the picture would improve drastically for all of us.
-- 
-= Scott Francis || darkuncle (at) darkuncle (dot) net =-
  GPG key CB33CCA7 has been revoked; I am now 5537F527
        illum oportet crescere me autem minui

Attachment: _bin
Description: