Despamming wholesale dialup

• Previous message (by thread): Despamming wholesale dialup
• Next message (by thread): Despamming wholesale dialup
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Unless you use Microsoft products.  Outlook smtp's, then pops.

		--Dean

At 02:45 PM 10/30/98 -0800, Derek Balling wrote:
>There are solutions available to this problem, the primary one being the
>"smtp-after-pop" hack that is widely available and fairly widely used.
>
>Essentially, issuing a STAT command opens up an SMTP relay window for
><admin-definable> minutes, whereupon if the user hasn't issued another STAT
>in the mean time [e.g. they logged off] the "hole" goes away.
>
>We were using that at my last job and it works just fine.
>
>At 12:38 PM 10/30/98 -0600, Phil Howard wrote:
>>Bryan Bradsby wrote:
>>
>>> Block port 25 (only) from all "open modem banks" (TM) to my SMTP servers. 
>>> If implemented on a large enough scale, the modem user will be
>>> 'encouraged' to use the SMTP server supplied with their account. Make each
>>> dialup customer go through, and be authenticated by their own SMTP
server. 
>>
>>I think I see an additional problem creeping in here.
>>
>>The question is whether a dialup user should use the SMTP server of the
>>facility provider, or of the ISP that actually resells the account.  You
>>could have virtual ISP resellers with no facilities at all, but lets take
>>a look at a small ISP that does have facilities, and is reselling dialup
>>to a national provider so his local business customers can have roaming
>>access without calling an 800 number.
>>
>>If the small ISP opens their SMTP server to the IP addresses of the big
>>national dialup provider, which they would have to do in order to be able
>>to handle that roaming customer who could be just about anywhere, will
>>they not also be opening themselves up to being a relay for any spammer
>>that uses any reseller of that national provider?  Will not such spammers
>>then have access to every ISP doing reselling via that national one?
>>
>>I think the SMTP server that should be used when dialing that national
>>provider is the SMTP server provided by that national provider, unless
>>some kind of VPN is used (to be more technically correct, use the SMTP
>>server of the provider of IP addressing).
>>
>>Roeland's issue still applies when the dialup customer is using his domain
>>name as the FROM/REPLY.  But if the national provider SMTP servers accept
>>any domain name in the FROM/REPLY, and just log the reality as it sees it
>>in the header (e.g. dialup port and time which can be cross checked with
>>the access logs), then anyone can use these dialups, and spammers won't
>>get an advantage of being able to spew their filth to other than the SMTP
>>server of the dialup provider.
>>
>>-- 
>> --    *-----------------------------*      Phil Howard KA9WGN       *    --
>>  --   | Inturnet, Inc.              | Director of Internet Services |   --
>>   --  | Business Internet Solutions |       eng at intur.net        |  --
>>    -- *-----------------------------*      philh at intur.net       * --
>
>
>
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
           Plain Aviation, Inc                  dean at av8.com
           LAN/WAN/UNIX/NT/TCPIP          http://www.av8.com
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

• Previous message (by thread): Despamming wholesale dialup
• Next message (by thread): Despamming wholesale dialup
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]