short Botnet list and Cashing in on DoS
James Baldwin
jbaldwin at antinode.net
Sun Oct 10 19:06:17 UTC 2004
Pardon for my possibly ill informed interjection. I was under the
impression that the current wind was blowing towards filtering outbound
port 25 traffic while allowing outbound authenticated port 587 traffic?
The though being that while this was not a FUSSP, it help to prevent
unauthenticated "direct to mx" abuses.
On 10 Oct 2004, at 03:24, Mark Andrews wrote:
> In the US there is even more insentive to bypass the ISP's servers.
> Look are the way they have interpreted the wire tap laws.
This would allow customers to access remote mail servers to avoid ISPs
who agree with the (mis)interpretation of the wire tap laws.
On 9 Oct 2004, at 23:40, Alexei Roudnev wrote:
> Because I am running my own SMTP server @ FreeBSD, for example. It is
> MY concern, not ISP concern.
Customers (mis)use of their connection is always the ISPs concern. If
you are paying a premium for a Pure Pipe (tm), then yes, the way your
server functions is your concern, however, since your actions directly
influence how other networks accept or deny mail from your ISP as a
whole it is very much their concern how you use your connection.
On 9 Oct 2004, at 15:45, Paul Vixie wrote:
> blocking port 25 will make legitimate smtp permanently hard to use,
> while making non-
> legitimate smtp temporarily hard to use.
I disagree, it will temporarily cause many, many people to have broken
implementations and temporarily increase load tremendously on call
centers. Working for an ISP that does port 25 filtering has not
negatively impacted our users ability to use SMTP in any permanent
fashion.
I don't under estimate the ability of software vendors and ISPs to roll
out new requirements for SMTP to customers in a relatively painless
fashion. Our ISP is currently making the transition from SMTP to
Authenticated SMTP (we will be discontinuing the former) and I would
see implementing port 25 blocking in much the same light with regards
to implementation cost and the increased difficulty of using SMTP
legitimately.
I agree that BCP 38 should be implemented. I agree that BCP 38 will
have a greater affect on network abuse than port 25 filtering. They
both have their place and address to partially overlapping groups of
abuse imho.
More information about the NANOG
mailing list