Schneier: ISPs should bear security burden

Paul Vixie vixie at vix.com
Mon May 2 14:07:20 UTC 2005


Mark_Andrews at isc.org (Mark Andrews) writes:

> 	By continuing to lump filtered and unfiltered addresses together
> 	you are throwing out the baby with the bath water.

the smtp protocol was designed in a time when ~Mbit/sec connections did not
yet exist, and ~10Kbit/sec connections cost many thousands of dollars per
month, and were used only by people who could prove membership in an
established meatspace trust fabric ("i have a gov't research contract")
and whose hosts cost hundreds of thousands, or millions, of dollars, each
having dedicated technical staff.

expecting the same protocol to be used when ~Mbit/sec connections are held
by hundreds of millions of uneducated users with hundred-dollar hosts is
absurd.  but in spite of enhancements like EHLO and AUTH, most internet
e-mail is sent with the same level of authentication/confidence as before.
the natural market outcome is to throw a lot of babies out with bathwater.

see http://www.isc.org/personalcolo/ for the longer version of this rant,
and just know that i reject ~many spams a day by refusing all mail from
SBC's DSL blocks, with ~few false positives.  that's SBC, alone.

if you want different bathwater, it is available.  there are still
high-rent neighborhoods with high default expectations of the quality of
traffic emanating from same.  live in one, or at least rent a mailbox in
one.  asking people to accept e-mail from DSL networks is absurd, since
they would have to act against their own best interests, and they ~know it.
-- 
Paul Vixie


