short Botnet list and Cashing in on DoS

Alexei Roudnev alex at relcom.net
Sun Oct 10 21:44:47 UTC 2004


>
> Pardon for my possibly ill informed interjection. I was under the
> impression that the current wind was blowing towards filtering outbound

It is not true, as far as I know; moreover, the day when I receive such a
proposal from my ISP will be my last day with this ISP, and so it will be for
many others.

The reason is simple - it IS NOT THEIR DUMB CONCERN, they are an
I(nternet)S(ervice)P(rovider) (not a WSP, Www Service Provider, for example).
It is an American habit to think that others are so dumb that you must think
instead of them... but people are smart, sorry.

But I am not saying that it excludes the AUP - yes, I should not abuse the AUP,
which may restrict me from sending or relaying spam, can restrict me from using
more traffic on average than I signed up for (it is common in most East European
countries, for example), can require me to control my resources well... Yes,
if I maintain a mail relay myself, I am responsible for not sending spam, and
if it is used for sending spam, it is an AUP violation and the ISP has the right
to restrict port 25; if I host child porn, it is an AUP violation, and so on...
Using port 25 is not an AUP violation, in no way. (But if your mail relay
requires my relay to be in DNS and so can reject mail from it, it is your
right as not my ISP but the owner of _your_ hosts - so in reality I will
maintain mixed mode SMTP only, sending the rest of the mail to my provider...).
(Even simpler. I use an e-mail server in Russia, and I send SMTP mail directly
to it, and I do not want to use my provider's mail relay - so I use port 25.
No problem at all with the AUP). And remember, many relays use POP authentication
to allow SMTP from the same IP address.

(Do not talk about wiretapping, it is 99% kids' games - everyone who wants his
messages not to be wiretapped can do it easily, on today's Internet... I
personally am 0% concerned about it - if some big boys (no matter in which
country) wanna play a kids' game - let them do it, to prevent crying and
depression - I hate crying kids, esp. big ones...).

But - it does not eliminate some smart technologies, such as having a default
firewall service. If I were in the ISP business today, I'd propose it for all
customers, allowing them to turn it off / on by a simple button on the WWW (or
by calling my support group). It is another thing - this is a SERVICE. A SERVICE
does not make decisions instead of the customer(s), it adds value if the customer
wants.

What about SMTP? It is simple. I use ISP service from provider A. I use MAIL
service from a few other providers, and I can use port 25 to communicate with
them (for example, using a POP/SMTP mixed authentication scheme). Any port 25
filtering will cause me to complain to the ISP, ask for my money back and break
the contract with them (maybe sue them for AUP violation from THEIR side!).

A good policy (see above) would be:
- they allow me to control port 25 and other things
- If I keep their default policy, I am not responsible for possible
breakage, spam and so on from my site.
- If I turn this off, I become responsible.
