nanog mailing list archives
Re: Lazy network operators
From: "Stephen J. Wilcox" <steve () telecomplete co uk>
Date: Tue, 13 Apr 2004 20:39:46 +0100 (BST)
On Tue, 13 Apr 2004, John Curran wrote:
Vixie writes:since we're talking about laziness, let's look at two ways in which we (nanog "members" and others like us around the world) have been lazy, for decades, and have therefore helped to create the current miserable "abuse" situation.The reality is that the vast majority of end-user customers connected to the Internet have one or two email servers, and there is no reason to allow client connections to port 25 for posting. If ISP's simply filtered port 25 by default except from specified servers, there wouldn't be a huge base of client systems to tap into for robo-farms for spamming.
Hi John, I dont think this is a fair assessment of the SMTP 'abuse' problem.. its a lot more complicated, blocking port 25 will not reduce the volume of spam at all. Most of the spam I'm seeing comes directly from end user hosts that have either an open proxy on them or some kind of malware with its own SMTP engine designed to send out junk.. in this model the only port 25 traffic is that from the end host coming outwards, I believe you're suggestion is to filter port 25 towards hosts. Even blocking the outbound 25 traffic (eg pushing it via the ISP SMTP relay) will not stop the emails. It is possible to extend this and implement some sort of statistical sanity checking on the mail being relayed (eg alarm/deny mail once it exceeds X/minute/host) which is potentially a workable solution.. I'd be interested if theres any patches to the major MTAs to do something with this (we use exim) as it could be an interesting test. Of course this model throws up new problems you need to address such as roaming users not being able to smtp via their 'home' ISP via auth'd SMTP, making sure you dont filter ISP-ISP port 25 traffic etc Steve
Current thread:
- Re: Abuse mail boxese (was Re: Lazy network operators), (continued)
- Re: Abuse mail boxese (was Re: Lazy network operators) Valdis . Kletnieks (Apr 12)
- Re: Abuse mail boxese (was Re: Lazy network operators) Deepak Jain (Apr 12)
- Re: Abuse mail boxese (was Re: Lazy network operators) Dan Hollis (Apr 12)
- Re: Abuse mail boxese (was Re: Lazy network operators) Paul Vixie (Apr 12)
- Re: Abuse mail boxese (was Re: Lazy network operators) Eric A. Hall (Apr 12)
- Re: Abuse mail boxese (was Re: Lazy network operators) J.D. Falk (Apr 12)
- Re: Lazy network operators E.B. Dreger (Apr 13)
- Re: Lazy network operators Stephen J. Wilcox (Apr 13)
- Re: Lazy network operators John Curran (Apr 13)
- Re: Lazy network operators Sean Donelan (Apr 13)
- Re: Lazy network operators Andrew - Supernews (Apr 13)
- Re: Lazy network operators Iljitsch van Beijnum (Apr 13)
- Re: Lazy network operators John Curran (Apr 13)
- Re: Lazy network operators Randy Bush (Apr 13)
- Re: Lazy network operators Christopher L. Morrow (Apr 13)
- Re: Lazy network operators Randy Bush (Apr 13)
- Re: Lazy network operators Christopher L. Morrow (Apr 13)
- Re: Lazy network operators Robert E. Seastrom (Apr 14)