How do you stop outgoing spam?
Brad Knowles
brad.knowles at skynet.be
Tue Sep 17 18:35:03 UTC 2002
At 11:07 AM -0700 2002/09/17, Scott Francis wrote:
> Much more complex to implement and manage; doesn't scale well. The fewer
> decisions the anti-spam system has to make, the better it will work. If it
> only has to decide whether or not a specific IP/port combination has exceeded
> a certain threshold, it will run much more smoothly than if it's examining
> the contents of each packet.
Indeed, that will be a lot more scalable. But if you still have
to look into each packet to see which ones are link encrypted (and
therefore should be left alone) and which ones aren't (and therefore
should be transparent proxied and/or traffic-shaped), that is quite a
bit more work.
The question is how much abuse is too much? Is it okay to allow
all open port 25 connections (traffic-shaped to low average
bit-rates), or is any abuse too much?
--
Brad Knowles, <brad.knowles at skynet.be>
"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
-Benjamin Franklin, Historical Review of Pennsylvania.
GCS/IT d+(-) s:+(++)>: a C++(+++)$ UMBSHI++++$ P+>++ L+ !E W+++(--) N+ !w---
O- M++ V PS++(+++) PE- Y+(++) PGP>+++ t+(+++) 5++(+++) X++(+++) R+(+++)
tv+(+++) b+(++++) DI+(++++) D+(++) G+(++++) e++>++++ h--- r---(+++)* z(+++)
More information about the NANOG
mailing list