hobbit at avian.org
Wed Sep 3 12:15:41 CDT 2008
Wow, lots of responses already. Thanks, good discussion.
I should clarify a little, that it's not necessarily about "blanket"
port blocking or denying "random" ports as threats are perceived,
but where needed in a well thought-out manner and trying to take
customer needs [stated or observed] into account first. And back
it up with AUP verbiage. There must be plenty of places where it
just makes sense, and others where it's borderline, iffy, or
unmanageable. One has to start *someplace*.
Oh, and don't get me started about abuse-desk competency, or even
existence, especially in the big providers. I'll bet most of them
can't even find the *rack* where the autoresponder machine is, let
alone actually figure out why its disk has been full for six months.
Related question, now that some discussion has started: why the F
does Gmail refuse to put real, identifiable injection-path headers
in mail they relay out? The current "policy" only protects spammer
identities behind a meaningless 10.x and is completely at odds with
what almost every other freemail provider does, which of course
breaks any receiving-end model. Who's here from Google that I can
chat with about this?
More information about the NANOG