How do you stop outgoing spam?
Scott Francis
darkuncle at darkuncle.net
Wed Sep 18 19:31:35 UTC 2002
On Tue, Sep 17, 2002 at 08:35:03PM +0200, brad.knowles at skynet.be said:
[snip]
> > Much more complex to implement and manage; doesn't scale well. The fewer
> > decisions the anti-spam system has to make, the better it will work. If it
> > only has to decide whether or not a specific IP/port combination has
> > exceeded
> > a certain threshold, it will run much more smoothly than if it's examining
> > the contents of each packet.
>
> Indeed, that will be a lot more scalable. But if you still have
> to look into each packet to see which ones are link encrypted (and
> therefore should be left alone) and which ones aren't (and therefore
> should be transparent proxied and/or traffic-shaped), that is quite a
> bit more work.
>
> The question is how much abuse is too much? Is it okay to allow
> all open port 25 connections (traffic-shaped to low average
> bit-rates), or is any abuse too much?
Even the best solution will only approach 100% effectiveness as a limit. As
in many things, it's a tradeoff - how much hassle are you willing to undergo
for a steadily-diminishing return, 80/20 rule, etc. Personally, I'd be happy
for 80% of the operators out there to implement the easiest 80% of things
required to stop spam. If people would just take even the most basic of steps
required to block spam, the picture would improve drastically for all of us.
--
-= Scott Francis || darkuncle (at) darkuncle (dot) net =-
GPG key CB33CCA7 has been revoked; I am now 5537F527
illum oportet crescere me autem minui
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20020918/a4a0e661/attachment.sig>
More information about the NANOG
mailing list