Fun new policy at AOL
Dr. Jeffrey Race
jrace at attglobal.net
Wed Nov 12 01:05:35 UTC 2003
On Fri, 29 Aug 2003 00:05:50 +0100 (BST), Stephen J. Wilcox wrote:
>On Fri, 29 Aug 2003, Dr. Jeffrey Race wrote:
>> On Thu, 28 Aug 2003 12:07:30 -0400, Matthew Crocker wrote:
>> >It can be built without choke points. ISPs could form trust
>> >relationships with each other and bypass the central mail relay. AOL
>> >for example could require ISPs to meet certain criteria before they are
>> >allowed direct connections. ISPs would need to contact AOL, provide
>> >valid contact into and accept some sort of AUP (I shall not spam
>> >AOL...) and then be allowed to connect from their IPs. AOL could kick
>> >that mail server off later if they determine they are spamming.
>> Now there is an idea! However an improved variant is to make the
>> entire internet a 'trust relationship' using the (obvious) steps you
>> propose. For several months I have been pondering possible details of
>> implementing same; see <http://www.camblab.com/misc/univ_std.txt>.
>> Comments welcome.
>Surely it already is ? That is I only announce routes of my customers who I
>trust, my upstreams and peers trust me and what i announce to them, their
>upstreams/peers do and so on. And yet we still have hijacked netblocks and
>ddos's with uncaring sysadmins. Why should email be any different?
>And if you do implement such a system, the spammers will just adapt.. the
>viruses (sobig) are an example of how spammers can open up end user machines to
>facilitate sending of email, providing they can control such a host they can
>simply relay thro the providers' smtps.. they dont need open relays to send out
The proposal at <http://www.camblab.com/misc/univ_std.txt> provides that
mail from compromised sources shall be rejected. This forces the host
sysadmin to secure his system if he wants to communicate with the rest of
the internet. Presently the penalty for negligence is borne by the
victim, not the perpetrator. The unique aspect of the proposal is to
attach consequences to actions, a principle which is used everywhere in
society except the Internet.
More information about the NANOG