Open relays and open proxies

Fri Apr 25 13:01:40 UTC 2003

On Fri, 25 Apr 2003 14:31:57 +0200, Daniel Concepcion <dani at danielcp.net>  said:

> I think that the end of the spam and open relays will be  when the smtp 
> servers talk only with servers  with trust. 

There's 40 million .com's out there.  Which ones do I trust?

> The bgp approach peering and transit will be ported to a new smtp protocol.
> Other approach could be the dns system. A central authority that will have 
> registered  the stmp servers. This servers could delegate in other servers, 
> etc. 

The routing registries have fixed *all* those problems for BGP, haven't they?

Remember - if an ISP will sell bandwidth to a spammer, they will sell a
registration for their SMTP server.  Any "central registry/DNS/whatever"
scheme has to allow for that reality.

Say this over and over until you understand:  No anti-spam solution that
involves asking either the spammer or their network provider any variant of the
question "Are you a good witch or a bad witch?" can *possibly* work, because
the spammer and their network provider both have reasons to lie and say "Good
Witch".  If you're going to ask *anybody*, it has to be a reputable
*disinterested* third party.  That's why RBLs are popular (and note the
"disinterested" requirement - many RBLs become unpopular when they start
using their entries to chase political agendas...)

> I don't know if is out there some draft about a new secure and spam free smtp

> protocol. But may be interesting for the big players that loose money 
> (Bandwith, servers, staff, etc)  accepting spam for their users.

Part of the problem is shady ISP's who *MAKE* money selling bandwidth/etc to
the spammers.  

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20030425/85d96f69/attachment.sig>