Lazy network operators

• Previous message (by thread): Lazy network operators
• Next message (by thread): Lazy network operators
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

At 11:11 PM -0400 4/13/04, Steven M. Bellovin wrote:
>
>The spammers are already creating throw-away domains; they'd do the
>same with mail sender authorizations.  "I am Spam, Spam I am" -- and
>send their turds and run.

Steve, this is not an authorization problem.   I know that is how you like to
characterize it.   Yes, any spam house will simply say, please open the door,
and have it done.  I don't claim to attempt to validate the customer intent,
and this doesn't address that portion of the problem.

The problem is one of the default network behavior.   Giving every PC default
access to every mail server, combined with the state of individual machine
security, results in situation where spammers can harvest farms of open
machines which can originate email.  If we can fix this by changing default
behavior to make such machines less useful to hackers, while still allowing
anyone  who wants to originate to do so at will via configuration, what is
the harm?  To date, the most vocal objections have come from architectural
purists and manufacturers of disk storage.

/John

• Previous message (by thread): Lazy network operators
• Next message (by thread): Lazy network operators
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]