Lazy network operators
Iljitsch van Beijnum
iljitsch at muada.com
Tue Apr 13 21:15:15 UTC 2004
On 13-apr-04, at 22:32, Sean Donelan wrote:

>> I'm very much suggesting blocking outward to the Internet port 25
>> traffic, except from configured mail relays for that end-user site.
>> Those hosts which have MSTP malware are stopped cold as a result.
> NNTP is set up almost everywhere with configured server to server
> connections, and essentially all "open" NNTP user access has been
> closed down over the years.
> How is the spam problem on USENET these days?

I've been on Usenet again for a while last year and there was
surprisingly little spam compared to some years back. Apparently some
people have taken it upon themselves to remove all the spam that pops
up. NNTP is at an advantage over SMTP here because "personalizing"
messages for each recipient isn't possible here.

Talking about lazy: blocking port 25 is very lazy, in several ways:
intellectually, morally and just plain way. It's intellectually lazy
because there are other ways to arrive at the same result that don't
arbitrarily block communications between two consenting hosts. Morally
it's lazy to assume that just because you don't need something, others
won't either. And of course having all those access networks install
filters rather than work on the problem yourself is just plain lazy.

If we all agree that we don't want to talk SMTP to broadband consumers,
it shouldn't be too hard to come up with a registry that lists IP
addresses used by broadband consumers. Or maybe it's easier to work the
other way around and list the servers we actually may want to talk to.

This approach has two main advantages over filtering port 25:

1. People can still talk to unlisted SMTP hosts if they feel they have
a good reason to do so (i.e., I get to deliver messages directly to my
server from home rather than being forced to use my service provider's
which may or may not work)
2. Checking is done per SMTP session rather than per IP packet

The good news is that the IETF is now starting work on this, so expect
results in two or three years.
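
The per-session registry check proposed in the message above, sketched as an added example that is not part of the original post. The registry contents, the function and mode names, and the local-exception list are assumptions, and every address is a constructed documentation-range value.

```python
import ipaddress

# Constructed registry data (documentation ranges, not real listings).
CONSUMER_RANGES = ["198.51.100.0/24", "203.0.113.0/25", "2001:db8:c0::/48"]
LISTED_SERVERS = ["192.0.2.25/32", "2001:db8:25::1/128"]
# Hypothetical receiver-side exceptions: hosts this site chooses to accept
# anyway, which a port 25 filter in the access network would not allow.
LOCAL_EXCEPTIONS = ["203.0.113.77/32"]


def _nets(cidrs):
    return [ipaddress.ip_network(c) for c in cidrs]


def _match(addr, nets):
    # Compare only within the same address family.
    return any(addr.version == n.version and addr in n for n in nets)


def normalize(client_ip):
    """Parse the peer address; unwrap IPv4-mapped IPv6 (::ffff:a.b.c.d),
    which a dual-stack listener reports for IPv4 clients."""
    addr = ipaddress.ip_address(client_ip)
    if addr.version == 6 and addr.ipv4_mapped is not None:
        return addr.ipv4_mapped
    return addr


def check_session(client_ip, mode="consumer-list"):
    """Decide once per SMTP session, before the greeting is sent.

    mode="consumer-list": refuse peers listed as broadband consumers.
    mode="server-list":   accept only peers listed as mail servers.
    Returns (smtp_reply_code, reason); 220 greets, 554 refuses.
    """
    addr = normalize(client_ip)
    if _match(addr, _nets(LOCAL_EXCEPTIONS)):
        return (220, "accepted: local exception")
    if mode == "consumer-list":
        if _match(addr, _nets(CONSUMER_RANGES)):
            return (554, "refused: listed as broadband consumer address")
        return (220, "accepted: not listed as consumer address")
    if mode == "server-list":
        if _match(addr, _nets(LISTED_SERVERS)):
            return (220, "accepted: listed mail server")
        return (554, "refused: not a listed mail server")
    raise ValueError("unknown mode: %r" % mode)
```
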