Unflattering comments about ISPs and DDOS

Paul Vixie vixie at vix.com
Tue Dec 7 02:00:10 UTC 2004


> > 	"Based on my conversations last week, Comcast's network engineers
> > 	would like to be more aggressive. But the marketing department
> > 	shot down a ban on port 25 because of its circa $58 million price ...
> 
> That's quite ok, if they're unwilling to filter port 25 on their end, we
> are more than happy to filter port 25 on our end. Many have already done
> this.

right, me too, but a surprising number of my friends strangely believe that
their ~1Mbit/sec home dsl connection (which 100 millions of less-clued people
have) should be able to originate e-mail the same way their ~1Mbit/sec work
DS-1 line (which only a few million had, and most of those cluefully) did.

therefore, while i reject e-mail from dsl on a wholesale basis, i have to
whitelist certain friends on a retail basis -- which is madness without end.
far better for the cable and dsl providers to kill off outbound smtp by
default and then re-enable it when a customer waves the right clue-flag.

[off-topic: lots of you/us have proposed global whitelists to solve this kind
of thing, but nobody has yet figured out how a scalable community can have a
single definition of "that which is good"... so don't start that thread again
just because it seems desirable (which it is) and technically easy (also).]
-- 
Paul Vixie
