open relays at Earthlink
Steve Davies
steved at uk.uu.net
Fri Aug 21 23:34:01 UTC 1998
On Fri, 21 Aug 1998, Dalvenjah FoxFire wrote:
> One extremely simple fix that the UUnet folks appear not to have stumbled
> upon is to firewall outgoing connections on port 25 to any hosts other
> than a specific list of earthlink, MSN, &etc mail hosts. This would only
> require reconfiguration on the part of the particularly obstinate customers
> who didn't follow the directions properly in the first place, and would
> for the most part kill off the relay hijacking that goes on from those
> networks.
ISPs sell customers a TCP/IP connection to the Internet. To me that means
taking my IP datagrams and delivering them to where I address them. I
don't see that filtering of outbound traffic is part of such a product,
any more than hijacking my connects to port 80 somewhere and plumbing me
into a "transparent" web cache is.
Why shouldn't dialup users run MTAs that do "proper" delivery?
On the other hand, I would fully support anyone's right to filter
connections from my dialin user pool addresses if they felt that they
needed to do that. I would, in my personal opinion, be happy to provide
such a person with my IP pool address ranges, or info on the domain names
we use for that (which are easy to deduce, anyway?).
(Of course, I'd rather persuade this person than my organization deals
responsibly with spammers - but no doubt I'd be unable to persuade some)
If enough people refused to take mail from my pool addresses then I guess
my customers will be duly "encouraged" to use the provided relays. (Most
do anyway, of course) If only a few refuse to take the mail then most
deliveries still work fine directly; and those few feel happy that they
are "protected".
Doesn't this arrangement make sense?
Regards,
Steve Davies
Operations, UUNET UK
(Who is in the UUNET group but does not influence policy for UUNET US)
More information about the NANOG
mailing list