Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at

Jeroen Massar jeroen at unfix.org
Thu Aug 29 09:54:16 UTC 2002


Barry Shein wrote:

> Fair enough but let me explain why I find this unsatisfying.
> 
> It's like I'm living in a neighborhood where the crime rate is rising
> and rising, and you're "selling" security grates and better locks.
> 
> They even seem to keep the crooks out of the bedroom at night for a
> while anyhow, so that's your measure, often keeps you from being
> murdered!
> 
> The problem is, the crooks are still banging at the doors, trying to
> crowbar their way in, etc.

But as long as you live that's better than letting them have their ways,
now is it?
Now stop the anal-ogies and come up with something that will _stop_ the
crackdealing.
You might notice, due to the fact that the internet is an immense thing,
spread over many different countries with many different regulations and
laws, that one certainly can't
"break down the crackhouses and stop the drive-by's".


> 
> Let me give two common spam examples to show this is a very tight
> analogy:
> 
> a) The other day our mail servers were groaning unusually.
> 
> What was happening was that someone had firehosed MSN.COM with a spam
> with a return address forged with our domain.
> 
> So even tho we were blocking it, in fact the bounce user didn't exist
> so we didn't really have to block it, all of MSN's server power being
> pointed at us trying to return many thousands of bounces as fast as
> they could was quite painful.
> 
> b) A few weeks ago I counted over 200 open relays simultaneously
> spewing the same spam at us.
That's what RBLs are for, they close them up. If you had used an RBL
your box would simply deny those relays at all, block them IP based and
bingo, no spewing from them.


> The point being they will fill your pipes, cause you to need more
> servers just to run these various filters, run our people ragged, etc.
If it's war you are talking about, they could also 'simply' ddos your
boxes away, with spam or with packets, they don't mind...

> So, it's nice that someone is providing security grates and alarm
> systems etc, but it'd be nice if the crack (spam) houses would just
> shut down entirely so we could sit on our porches and chit-chat
> without worrying about the constant drive-by shootings.
One way of doing that is pulling your plug from the internet. There are
always going to be people who don't and won't play nice simply because
they see some easy bucks, or at least even if they think they see them ;)
Or they simply won't because they think it's fun to harass others.
Kick one down and the next comes up. Put a bar in their faces and they
will need to do more work to get in, but at least one is not keeping the
door open for them,
putting it in your words: 'killing you in your sleep'.

> If you get my drift.
> 
> And that's going to require socio-legal approaches, not ever stronger
> security grates.
Nopes, all it takes is making the protocol secure against these fake
messages.
This takes away the way of even sending you the message at all and stops
your bounces ;)

> Because sooner or later you can't see out the grated windows any more
> or get some air through them, and you're afraid to go outside...
Never been in the city (those places where more than 100k people live)
now have you?

Greets,
 Jeroen
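
The connect-time RBL check described in the reply above, as an added example that is not part of the original post: the connecting IP is looked up in a DNS-based list and refused before any message data is accepted. The zone name, sample addresses, reply text and the stub resolver are constructed for illustration.

```python
import ipaddress
import socket

LISTED_RANGE = ipaddress.ip_network("127.0.0.0/8")  # DNSBL "listed" answers live here

def dnsbl_query_name(ip, zone):
    """Reverse the IPv4 octets and append the zone: 192.0.2.10 -> 10.2.0.192.<zone>."""
    addr = ipaddress.IPv4Address(ip)  # raises ValueError for anything that is not IPv4
    return ".".join(reversed(str(addr).split("."))) + "." + zone

def system_resolver(name):
    """Resolve through the OS. NXDOMAIN or any lookup failure yields [] (not listed),
    so a broken resolver fails open and mail keeps flowing."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except OSError:
        return []

def is_listed(ip, zone, resolve=system_resolver):
    """Only answers inside 127.0.0.0/8 count as a listing; any other A record
    (for example a wildcard answer from a parked zone) is ignored."""
    answers = resolve(dnsbl_query_name(ip, zone))
    return any(ipaddress.IPv4Address(a) in LISTED_RANGE for a in answers)

def connect_decision(ip, zone, resolve=system_resolver):
    """SMTP reply to send at connect time, before MAIL FROM or DATA is processed."""
    if is_listed(ip, zone, resolve):
        return "554 5.7.1 client host [%s] blocked using %s" % (ip, zone)
    return "220 ready"

# Constructed sample data: a hypothetical zone listing one open relay.
SAMPLE_ZONE = "dnsbl.example.org"
SAMPLE_RECORDS = {"10.2.0.192.dnsbl.example.org": ["127.0.0.2"]}

def sample_resolver(name):
    """Offline stand-in for DNS, backed by the constructed records above."""
    return SAMPLE_RECORDS.get(name, [])

def demo():
    clients = ("192.0.2.10", "198.51.100.7")  # constructed: one listed relay, one clean host
    return [connect_decision(ip, SAMPLE_ZONE, sample_resolver) for ip in clients]

if __name__ == "__main__":
    for reply in demo():
        print(reply)
```
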
