Fun new policy at AOL

Matthew Crocker matthew at crocker.com
Thu Aug 28 16:00:29 UTC 2003



On Thursday, August 28, 2003, at 11:07 AM, Joel Jaeggli wrote:

> On Thu, 28 Aug 2003, Matthew Crocker wrote:
>
>>
>> Shouldn't customers that purchase IP services from an ISP use the ISP's
>> mail server as a smart host for outbound mail?
>
> applying that standard just how large do you have to get before
> you "graduate" to running your own smtp server. "I'm sorry we won't
> accept mail from you because you're not an lir?"
>

If a larger corporation showed that they have a clue we remove the 
filters.  If we start getting virus/spam notifications on again we 
re-enable the filter.  We are either primary or backup MX for all of 
our customers.  We can implement a port 25 inbound filter on a customer 
and their inbound mail is unaffected.  We can then contact the customer 
and work with them to fix their broken mail server and remove the 
filter.

We make the determination based on skill level of the customer, not 
their size.

How does this sound for a new mail distribution network?

Customers can only send mail through their direct provider
ISPs can only send mail to their customers and their upstream provider. 
  They purchase the ability to send mail to the upstream as part of 
their bandwidth.
ISPs can contact and work out other direct mail routing arrangements 
between themselves.  For example, ISP A could send directly to ISP B if 
there is a large amount of A -> B mail.  Both ISPs have to agree.
ISPs form a trusted ring of mail servers for direct connection.  All 
others get shipped upstream to the next available mail server.
All mail servers are known, logged and can be kicked off the network by 
the upstream provider.

A central core of distributed mail servers gets built by each backbone 
ISP.  The backbone ISPs peer with one another (trust each other's mail). 
Backbone ISPs accept mail from their customers and can block that 
mail if their customer doesn't have a clue.

Everything is logged, everything is validated.  Setting up a mail 
server involves more than getting a static IP and setting up an MX 
record.
SPAM is eliminated because it can't enter the trust ring unless it goes 
through an ISP.  That ISP can be kicked off if they allow spammers.
Viruses are managed because they can be tracked back to their origin. 
Block at the core.  Virus protection could also be made a requirement 
for entering the trusted mail ring.
Mail servers are set to deny all mail by default, opening up 
connections from trusted hosts as you build trust relationships.
Contact information needs to be maintained.  I can't get into Sprint's 
trust ring unless I can contact them.

This can be phased into service by setting up trusted and untrusted 
mail servers.  All mail entering untrusted mail servers has a higher 
spam score and cannot be forwarded outside the local network.
Trusted mail (i.e. from customers) can be forwarded upstream to other 
trusted, non-trusted mail servers.

-Matt
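
The relay rules proposed in the message above (deny by default, mutual agreement for direct peering, everything else shipped upstream), modeled as an added example that is not part of the original post. The `Server` and `Ring` classes, the server names and the `.example` domains are all constructed for illustration.

```python
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class Server:
    name: str
    domains: set                                  # domains delivered locally
    upstream: Optional[str] = None                # direct provider; None for a backbone
    peers: set = field(default_factory=set)       # direct arrangements this side agreed to

class Ring:
    def __init__(self, servers):
        self.s = {x.name: x for x in servers}     # "all mail servers are known"

    def mutual(self, a, b):
        # "Both ISPs have to agree": a one-sided peer entry grants nothing.
        return b in self.s[a].peers and a in self.s[b].peers

    def accepts(self, dst, src):
        # Deny by default; allow only a direct customer, the upstream, or a mutual peer.
        return src in self.s and (self.s[src].upstream == dst
                                  or self.s[dst].upstream == src or self.mutual(dst, src))

    def serves(self, name, domain):
        # True if this server, or any customer below it, delivers the domain.
        return domain in self.s[name].domains or any(
            self.serves(c.name, domain) for c in self.s.values() if c.upstream == name)

    def route(self, src, domain):
        # Hop list from src to the delivering server, or None if no trusted path exists.
        path, here = [src], src
        while domain not in self.s[here].domains:
            near = [n for n, x in self.s.items() if n not in path and self.serves(n, domain)
                    and (x.upstream == here or self.mutual(here, n))]
            nxt = near[0] if near else self.s[here].upstream   # otherwise ship upstream
            if nxt is None or not self.accepts(nxt, here):
                return None
            path.append(nxt)
            here = nxt
        return path

def sample_ring():  # constructed topology: two peered backbones, three ISPs, a customer, an outsider
    return Ring([
        Server("bb1", set(), peers={"bb2"}), Server("bb2", set(), peers={"bb1"}),
        Server("ispA", {"a.example"}, "bb1", {"ispB"}),
        Server("ispB", {"b.example"}, "bb1", {"ispA"}),
        Server("ispC", {"c.example"}, "bb2"), Server("cust1", {"cust1.example"}, "ispA"),
        Server("rogue", set(), peers={"ispA"}),   # claims a peering ispA never agreed to
    ])
```

In this model a host with a static IP and an MX record but no provider or agreed peer (`rogue`) has no path into the ring, while customer mail either takes an agreed direct peering or climbs to the backbone and back down.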



