Stealth Blocking

Jason Slagle raistlin at
Fri May 25 00:04:34 UTC 2001

On Thu, 24 May 2001, Roeland Meyer wrote:

> > From: Jason Slagle [mailto:raistlin at]
> > Sent: Thursday, May 24, 2001 12:57 PM
> > We tell users that if they roam they need to use the mail 
> > server of the place they are roaming to.
> Not without an NDA from us, you're not. Corp traffic stays on corp servers
> and anyone diverting it elsewhere will get a sharp phone call from our legal
> department. It'll be called industrial espionage. Kashpureff went to jail
> for something similar. Of course, we usually use PPTP.

And, as a business we wouldn't divert you.  This is only a solution for
Resi accounts.

> > As a matter of fact, we are in the process of setting up a set of
> > rules to divert all port 25 bound traffic on our dialups to local
> > mail servers.
> Is this your actual place of business? I will make sure that our account
> reps are not allowed to use your service or POPS, whilst on the road. Also,
> since I'll be doing business with your competition, I'll clue their
> marketing departments in on this wonderful opportunity for them. Since this
> will also prevent your downstreams from running their own SMTP servers
> (which more than one of them probably are), you will probably lose them as
> well.

As I said, it's for resi customers only, and only out of the dialup
pools/DSL pools for them.

> > If everyone diverted all local traffic to a local mail 
> > server, the problem of open relays would go away.
> Problems usually go away when the customers do...
> You probably should talk to your marketing and legal folks, before going
> quite that far.

Well, AOL doesn't seem to be losing customers at a very high rate doing
the same thing.  All outbound port 25 traffic on AOL gets diverted to
internal mail servers.  This may not be fully implemented yet, but where
it is it works great.  Even stamps an X-Apparently-From in there with the
real AOL "Screen Name".  Since doing this AOL Spammers have gone to a near
0 level.

Last I read, UU.Net is starting to force all their dialup resellers to use
a filter or diversion on port 25 too.

Except the rare telecommuter (who in all reality should be using a
business account anyways, as there is no price difference, just one is
taxable and goes into a different group), I don't see there being a real
reason a residential dialup account needs to use a non-local mail server,
IF you trust local users to specify domains.  If you don't, all bets are

As has been said several times, there is no 1 thing that works for
everyone.  It takes a combination of things to work.  Port 25 diverting is
just one tool in the proverbial belt.

Jason Slagle - CCNP - CCDP
Network Administrator - Toledo Internet Access - Toledo Ohio
- raistlin at - jslagle at - WHOIS JS10172
/"\ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
\ /   ASCII Ribbon Campaign  . If dreams are like movies then memories
 X  - NO HTML/RTF in e-mail  .   are films about ghosts..
/ \ - NO Word docs in e-mail .     - Adam Duritz - Counting Crows
