Lazy network operators

John Curran jcurran at istaff.org
Tue Apr 13 19:07:38 UTC 2004


Vixie writes:

>since we're talking about laziness, let's look at two ways in which we (nanog
>"members" and others like us around the world) have been lazy, for decades,
>and have therefore helped to create the current miserable "abuse" situation.

Paul, let me add one more to your list: As a community, we have
been too lazy to take hold of the architectural source of the
problem, which is the complete lack of accountability over the
ability to post email.

This is not a technical issue (although I can hear echoes from
the long past X.400 community already), it's simply a service
definition issue.  As a community, we've designed an end-to-end
mail protocol (SMTP) and opened it up to everyone.  The reality
is that the vast majority of end-user customers connected to the
Internet have one or two email servers, and there is no reason
to allow client connections to port 25 for posting.  If ISPs
simply filtered port 25 by default except from specified servers,
there wouldn't be a huge base of client systems to tap into for
robo-farms for spamming.

Of course, this breaks the end-to-end model of the Internet...
Too bad.  End-to-end makes sense in some contexts, and it doesn't
in others.  This is the latter case.

In reality, lots of folks have plenty of good reasons to want
open access to port 25 from their entire prefix.  That's also
fine, *as long as you accept responsibility for what is sent*.
Want both wide open access and complete deniability?  That's
the option we presently have, and frankly, it doesn't scale.

/John
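
The default proposed in the message above (port 25 filtered except to specified servers, with open access only for prefixes that accept responsibility), sketched as an added example that is not part of the original post. All addresses, the opt-in table and the function names are constructed assumptions.

```python
import ipaddress
from collections import Counter

# Constructed policy data using documentation address ranges (assumptions).
MAIL_SERVERS = {ipaddress.ip_address("192.0.2.25"),
                ipaddress.ip_address("192.0.2.26")}
# Prefixes that requested open port 25 and accepted responsibility for it.
ACCOUNTABLE_PREFIXES = {
    ipaddress.ip_network("198.51.100.0/28"): "customer-A (abuse contact on file)",
}

def decide(src, dst, dport):
    """Return (action, reason) for an outbound TCP flow from customer space."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    if dport != 25:
        return "permit", "not SMTP posting"
    if dst in MAIL_SERVERS:
        return "permit", "designated mail server"
    for net, owner in ACCOUNTABLE_PREFIXES.items():
        if src in net:
            return "permit", f"opted-in prefix, accountable: {owner}"
    return "deny", "default port 25 filter"

def blocked_sources(flows):
    """Count denied port-25 attempts per source address.

    A client that keeps hitting the filter is worth a look by the abuse desk.
    """
    hits = Counter()
    for src, dst, dport in flows:
        if decide(src, dst, dport)[0] == "deny":
            hits[src] += 1
    return hits

# Constructed sample flows: (source, destination, destination port).
SAMPLE_FLOWS = [
    ("198.51.100.40", "192.0.2.25", 25),    # client posting via the ISP relay
    ("198.51.100.40", "203.0.113.9", 25),   # same client, direct-to-MX attempt
    ("198.51.100.40", "203.0.113.10", 25),  # and another
    ("198.51.100.5", "203.0.113.9", 25),    # opted-in prefix sending directly
    ("198.51.100.77", "203.0.113.9", 443),  # unrelated traffic
    ("198.51.100.77", "203.0.113.77", 25),  # non-opted-in client, direct SMTP
]

if __name__ == "__main__":
    for flow in SAMPLE_FLOWS:
        print(flow, "->", decide(*flow))
    print(dict(blocked_sources(SAMPLE_FLOWS)))
```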


