Lazy network operators

Iljitsch van Beijnum iljitsch at muada.com
Tue Apr 13 21:15:15 UTC 2004


On 13-apr-04, at 22:32, Sean Donelan wrote:

>>    I'm very much suggesting blocking outward to the Internet port 25
>>    traffic, except from configured mail relays for that end-user site.
>>    Those hosts which have SMTP malware are stopped cold as a result.

> NNTP is set up almost everywhere with configured server to server
> connections, and essentially all "open" NNTP user access has been
> closed down over the years.

> How is the spam problem on USENET these days?

I've been on Usenet again for a while last year and there was 
surprisingly little spam compared to some years back. Apparently some 
people have taken it upon themselves to remove all the spam that pops 
up. NNTP is at an advantage over SMTP here because "personalizing" 
messages for each recipient isn't possible here.

Talking about lazy: blocking port 25 is very lazy, in several ways: 
intellectually, morally and just plain way. It's intellectually lazy 
because there are other ways to arrive at the same result that don't 
arbitrarily block communications between two consenting hosts. Morally 
it's lazy to assume that just because you don't need something, others 
won't either. And of course having all those access networks install 
filters rather than work on the problem yourself is just plain lazy.

If we all agree that we don't want to talk SMTP to broadband consumers, 
it shouldn't be too hard to come up with a registry that lists IP 
addresses used by broadband consumers. Or maybe it's easier to work the 
other way around and list the servers we actually may want to talk to. 
This approach has two main advantages over filtering port 25:

1. People can still talk to unlisted SMTP hosts if they feel they have 
a good reason to do so (i.e., I get to deliver messages directly to my 
server from home rather than being forced to use my service provider's 
which may or may not work)
2. Checking is done per SMTP session rather than per IP packet

The good news is that the IETF is now starting work on this, so expect 
results in two or three years.
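
An added example, not part of the original post: a sketch of the receiver-side, per-session check the message proposes, in which the mail server consults a registry of broadband consumer addresses at connect time and may keep its own exceptions. The zone name, the address ranges and the function names are constructed for illustration, the DNS lookup is replaced by an in-memory table so the code runs offline, and the DNSBL-style query name (RFC 5782) is an assumption about how such a registry would be published.

```python
import ipaddress

# Constructed registry of ranges assigned to broadband consumers
# (documentation prefixes, not real data).
CONSUMER_RANGES = [ipaddress.ip_network(n) for n in
                   ("198.51.100.0/24", "203.0.113.128/25", "2001:db8:c0::/48")]
REGISTRY_ZONE = "consumer.registry.example"  # hypothetical zone name


def registry_query_name(client_ip, zone=REGISTRY_ZONE):
    """Build the DNSBL-style name a receiving server would look up."""
    ip = ipaddress.ip_address(client_ip)
    if ip.version == 4:
        labels = reversed(str(ip).split("."))            # reversed octets
    else:
        labels = reversed(ip.exploded.replace(":", ""))  # reversed nibbles
    return ".".join(labels) + "." + zone


def _in_any(ip, networks):
    # Compare only within the same address family.
    return any(ip.version == n.version and ip in n for n in networks)


def is_listed(client_ip):
    """Stand-in for the DNS lookup: is the peer in a consumer range?"""
    return _in_any(ipaddress.ip_address(client_ip), CONSUMER_RANGES)


def session_decision(client_ip, local_exceptions=()):
    """Decide once per SMTP session, at connect time, on the receiver.

    local_exceptions: listed peers this receiver still chooses to accept,
    e.g. the operator's own home address (advantage 1 in the post).
    """
    ip = ipaddress.ip_address(client_ip)
    if _in_any(ip, [ipaddress.ip_network(e) for e in local_exceptions]):
        return "220 accept (local exception)"
    if is_listed(client_ip):
        return "554 reject (listed as broadband consumer)"
    return "220 accept"


if __name__ == "__main__":
    for peer in ("198.51.100.77", "192.0.2.10", "2001:db8:c0::1"):
        print(peer, registry_query_name(peer), session_decision(peer))
```
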



