I am working on a compendium for a course I give at my university.
A controversial text from the compendium is quoted below. If you
think that this is wrong, tell me.
OK, I'll tell you: It's wrong on many points.
If a sender in Europe sends a message to two or more recipients in
North America, only one copy might be copied across the expensive
Atlantic cables as shown in the figure below:
A problem with this, however, is that most MTAs are not willing to
handle mail, unless either the recipient or the sender is local to
the MTA.
Or unless the sender has appropriate credentials. These days locality isn't
sufficient, since many users roam and still want to be able to use the MTA at
their home site as a relay.
Thus, the saving shown above requires an agreement with the
MTA which splits the message after transport across the Atlantic.
Yes, but such agreements are easily accomodated by present-day infrastructure
(SASL and TLS). Nevertheless, AFAIK there are relatively few such setups.
Possible reasons why this is so include:
(1) This practice, while wasteful, is small beer compared to other uses of
these links.
(2) The people for whom it is a problem aren't the same as the people who
are able to set up such arrangements.
(3) People are ignorant of just how easy this problem is to solve. (It would
only take a few minutes to configure the software I work on to support
this sort of relay, for example, and I have no reason to believe it is any
harder in other software.)
This was not always so. In the beginning of the 1990-s, most MTAs
were willing to forward mail for any recipient. The reason why this
was abolished in the middle of the 1990-s was that spammers used this
feature to get foreign MTAs to help them split mail to millions of
recipients.
Yes, and this is why the relaying got shut down and continues to be shut down.
Try digging yourself out of having your system used for a massive spam relay
sometime -- once you've done so cries about how this leads to such inefficiency
on high-cost links somehow fail to impress.
Some so-called experts claimed that spamming could be
stopped by forbidding splitting of mail by other than the MTA of the
sender or the recipient. They enforced their view by implementing a
program which scanned all MTAs everywhere, checking that they did not
allow foreign splitting, and sending angry letters to non-conforming
MTA administrators (postmasters) threatening to stop receiving mail
from them unless they stopped splitting. This is an interesting
example of how the Internet is regulated in dubious ways by
pseudo-police-authorities.
While I have little love for the scan-and-ban crowd, you're giving them too
much credit here.
The reason open relays were shut down is because a significant number of them
were exploited to the point where the users of those systems were unable to get
useful work done. Most administrators have no choice but to block open relay,
regardless of its utility. And this situation hasn't changed -- try opening a
system whose name is widely known up to relay sometime and you'll see.
The only reason that the scan-and-ban crowd has been at all successful is
because most systems already blocked open relay and they were able to go after
the few remaining ones that didn't. Had the situation been one where the common
practice was to allow open relay they would have gotten nowhere: Subscribing to
their "don't accept mail from systems that permit open relay" policy would have
resulted in too much mail being blocked to be useful.
Indeed, it isn't entirely clear to me that the real weapon in the scan-and-ban
crowd's arsenal is the number of sites subscribing to their black list. I've
seen several cases where a site that was open to relay was blacklisted and then
almost immediately was used by a spammer for the first time. It is undeniable
that the list of open relays these folks compile could be quite useful to
spammers, and while I presume they take steps to try and prevent their data
from being used by spammers, I find the timing above to be more than a little
suspicious.
Spamming could be counteracted more
efficiently using other methods than this.
And these methods are what exactly? If there's something more effective than
open relay blocking I'd like to hear what it is.
Ned