Schneier: ISPs should bear security burden
Paul Vixie
vixie at vix.com
Mon May 2 14:07:20 UTC 2005

Mark_Andrews at isc.org (Mark Andrews) writes:
> By continuing to lump filtered and unfiltered addresses together
> you are throwing out the baby with the bath water.

the smtp protocol was designed in a time when ~Mbit/sec connections did not
yet exist, and ~10Kbit/sec connections cost many thousands of dollars per
month, and were used only by people who could prove membership in an
established meatspace trust fabric ("i have a gov't research contract")
and whose hosts cost hundreds of thousands, or millions, of dollars, each
having dedicated technical staff.

expecting the same protocol to be used when ~Mbit/sec connections are held
by hundreds of millions of uneducated users with hundred-dollar hosts is
absurd. but in spite of enhancements like EHLO and AUTH, most internet
e-mail is sent with the same level of authentication/confidence as before.
the natural market outcome is to throw a lot of babies out with bathwater.

see http://www.isc.org/personalcolo/ for the longer version of this rant,
and just know that i reject ~many spams a day by refusing all mail from
SBC's DSL blocks, with ~few false positives. that's SBC, alone.

if you want different bathwater, it is available. there are still
high-rent neighborhoods with high default expectations of the quality of
traffic emanating from same. live in one, or at least rent a mailbox in
one. asking people to accept e-mail from DSL networks is absurd, since
they would have to act against their own best interests, and they ~know it.
--
Paul Vixie