Attack of the Killer Spam

John R. Levine johnl at
Wed Dec 31 03:46:22 UTC 1997

>- only allow SMTP relaying from IP's assigned to *their customers*
>dynamically (cross-reference Radius logs?)

I have heard that uunet and PSI don't provide enough information in
real time for their POP farm ISP customers to tell the difference
between their own customers and other random users of the same POP
farms, much less tell which user is on which IP so they can stamp
outgoing mail.

Is that still true?

Speaking of POP farms, the other major one is IBM -- how much
real-time info do they provide?

And since we're on this topic, at NANOG in Scottsdale we suggested
that ISPs firewall in their users so the only port 25 connections they
can make are to the ISP's own SMTP server, so the ISP can stamp
outgoing mail with the actual sender ID and possibly do volume
monitoring and choking.  (You could either block connections or other
systems, or warp them to your own servers, and you'd need provision
for exceptions for people who send in a signed AUP, etc.)  How far is
that from being feasible for POP farm customers?

John R. Levine, IECC, POB 640 Trumansburg NY 14886 +1 607 387 6869
johnl at, Village Trustee and Sewer Commissioner,, 
Finger for PGP key, f'print = 3A 5B D0 3F D9 A0 6A A4  2D AC 1E 9E A6 36 A3 47 

More information about the NANOG mailing list