Lazy network operators
Steven M. Bellovin
smb at research.att.com
Wed Apr 14 00:36:44 UTC 2004
In message <p06020407bca227be1be3@[192.168.1.101]>, John Curran writes:
>
>The reality is that the vast majority of email is handed off to a designated
>mail relay (whether we're talking about consumer connections or office
>environments), and if we actually configured connectivity in this matter,
>there wouldn't be a problem.
>
John, the problem is deciding who is an *authorized* email sender. For
example, I own a machine in a random rack -- can it send email? The
way I operate, it sometimes needs to -- I often set up tunnels to it
from my laptop and from other machines in "banned" address ranges, and
let it send my email. For that matter, it hosts several IETF and
personal mailing lists.
Now assume that someone in some strange and wondrous part of the world
has a similar need. Are they authorized? According to whom?
There have been a lot of authentication-based and filter-based schemes
proposed, but I've yet to see a scheme that solves the authorization
problem satisfactorily. Not everyone wants to (or is able to) entrust
their email to a a Tier 1 ISP; if nothing else, the Tier 1s would
charge for the privilege.
--Steve Bellovin, http://www.research.att.com/~smb
More information about the NANOG
mailing list