This is simply something the ISP would implement on their MTAs. It does not
solve the problem of hijacked computers sending email directly to other
MTAs. However, Mike was proposing this in conjunction with the RMX
proposal, which resolves the problem of hijacked computers bypassing the
ISP's MTAs.
At 07:30 AM 7/16/2003, C. Wegrzyn wrote:
Yakov,
Wouldn't the proposal by Mike only work with someone sending to a single
site? I am confused as to how my SMTP can be throttled when I spurt emails
to a number of MTAs? Is this something an ISP has to implement?
Chuck Wegrzyn
Yakov Shafranovich wrote:
At 06:07 PM 7/15/2003 -0400, mathew wrote:
On Tuesday, July 15, 2003, at 08:47 AM, Alan DeKok wrote:
mathew <meta(_at_)pobox(_dot_)com> wrote:
....
Spam filtering on outbound messages is perfectly permissible in many
cases, and legally required in many. Do you really think that it's
legally acceptable for businesses to allow their employees to send
(whatever illegal content) to each other, or to people outside of the
company?
So you're proposing that ISPs be required to run something like
SpamAssassin on all *outgoing* e-mail, and bounce e-mail back at the
user if it looks like spam?
I see a problem with that--will users accept it, or will they take their
money elsewhere? I know that when *I* send an e-mail, I expect it to be
sent--if my ISP bounces it back because they don't like the content,
it's time for me to find another ISP.
Sometime back Mike Rubel proposed implementing a rate limit on outgoing
messages (see
http://www1.ietf.org/mail-archive/working-groups/asrg/current/msg04616.html).
If too many messages are sent within a set amount of time, they are held
in queue and a message is sent to the ISP subscriber warning him about a
possible infection. Same can apply to too many outgoing spam messages
(see
http://www1.ietf.org/mail-archive/working-groups/asrg/current/msg04629.html).
A sample warning would be as follows:
------------------------------------------------------------------------
Dear customer,
We apologize for this intrusion.
Our systems indicate that your computer attempted to send a large
number of emails over the last ten minutes. Because unusually
large volumes of outbound email sometimes indicate the presence of
a computer virus, we wanted to check with you before proceeding.
These and further emails will be placed in a temporary
quarantine while we await your instructions. We respect your
privacy, and will not read or otherwise disclose the messages
without your permission.
Please call (800) 123-4567 at your earliest convenience so that
we may process your request without further delay. We appreciate
your business and look forward to serving you again in the future.
--Your friendly email service providers
To change your notification settings, please go to:
https://www.exampleisp.com/my_account_settings/web_form.php
------------------------------------------------------------------------
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg