
Re: [Asrg] 6. Proposals: MTA MARK vs port 25 filtering?

2003-12-10 15:36:29
On Wed, Dec 10, 2003 at 04:43:44PM -0500, Alan DeKok wrote:
Markus Stumpf <maex-lists-spam-ietf-asrg(_at_)Space(_dot_)Net> wrote:
3) You need the hardware/software capable of doing the blocking, so this
   is also a cost factor.

  Nonsense.

  Then the recipient has to do that blocking.  Why offload costs from
the sender to the recipient?

Sorry, I wasn't clear.
There are two possible and effective points where to filter; they don't
need to be disjoint:
a) at the borders of the ISP
b) at the gate to the customer
The cost factor is high for endusers and small companies. With customers
complaining about unacceptable costs for 20 USD DSL flatrates it may be
hard to argue: you have to buy a firewall of vendor X and pay 3000 USD
else you won't get access.

  I admit it's a great business model for ISP's: Send gigabytes of
crap onto the backbone, because it's cheaper to let someone else deal
with it, than to fix your own network.

I am working at an ISP. Our contracts with our customers say that we
deliver Internet from our borders to the gate at the customer and vice
versa.
We cannot start blocking ports as we like. We can't even block spamming
hosts on our customer mailstores - unless they severely damage the operation
of those mailstores.

  The problem is that spammers have exactly the same business model,
and we already know it's unethical.

I can't see what is ethical with censorship. According to our contract
they have free and uncensored access to the Internet. We have an AUP that
forbids certain activities and we can terminate the contract immediately.
One of those things is spamming and we did terminate contracts with
spammers in the past and will do in the future.

Things may be different if you sell DSL surf accounts. Then you could
add paragraphs to your contract and tell your customers that you will
not allow connections to port 25 in either direction.
With the deployment of SRV records and with the possibility to run
an SMTP server on other ports than 25, wide spread of such policies will
quickly make them useless. Then they will do SMTP over HTTP.


6) If it can be solved with port 25 filtering this would be great. But
   the technique to do it is there for years. Why is spam still a problem?

  Because of the people who DON'T block port 25.  Moving to MTAMark
will have the same deployment issues.

MTA MARK will make it possible to block a service originating from an IP
address, regardless which port it is run on but will also make it
possible for the local administrator to override that policy e.g. for
roaming users with SMTP AUTH.

        \Maex

-- 
SpaceNet AG            | Joseph-Dollinger-Bogen 14 | Fon: +49 (89) 32356-0
Research & Development |       D-80807 Muenchen    | Fax: +49 (89) 32356-299
"The security, stability and reliability of a computer system is reciprocally
 proportional to the amount of vacuity between the ears of the admin"
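
Added example, not part of the original message or of the MTA MARK proposal's own code: a receiver-side check that keys on the connecting IP address rather than the port, with the local override for authenticated roaming users described above. The record name layout (`_perm._smtp._srv.<reversed IP>.in-addr.arpa`, TXT value "1" or "0") is assumed from the MTA MARK draft and does not appear in this thread; the zone data, function names and the accept-when-unmarked default are constructed for illustration.

```python
import ipaddress

# Constructed sample data standing in for DNS TXT answers (assumption:
# "1" = address may run an MTA, "0" = it may not, per the MTA MARK draft).
SAMPLE_ZONE = {
    "_perm._smtp._srv.10.2.0.192.in-addr.arpa": "1",     # marked mail server
    "_perm._smtp._srv.77.100.51.198.in-addr.arpa": "0",  # marked end-user host
}


def mark_name(ip):
    """Build the TXT owner name for an IPv4 address (hypothetical helper)."""
    rev = ipaddress.IPv4Address(ip).reverse_pointer  # e.g. 10.2.0.192.in-addr.arpa
    return "_perm._smtp._srv." + rev


def lookup_mark(ip, zone=SAMPLE_ZONE):
    """Return 'yes', 'no' or 'unmarked' for the connecting address."""
    value = zone.get(mark_name(ip))
    return {"1": "yes", "0": "no"}.get(value, "unmarked")


def decide(ip, authenticated=False, local_allow=(), zone=SAMPLE_ZONE):
    """Receiver policy. The port the sender used never enters the decision."""
    if authenticated:
        return "accept"   # local override: roaming user with SMTP AUTH
    if ip in local_allow:
        return "accept"   # local override: administrator's own allow list
    if lookup_mark(ip, zone) == "no":
        return "reject"   # address owner says this host is not an MTA
    return "accept"       # marked 'yes' or unmarked: left to other checks


if __name__ == "__main__":
    for ip, auth in [("192.0.2.10", False), ("198.51.100.77", False),
                     ("198.51.100.77", True), ("203.0.113.5", False)]:
        print(ip, "auth" if auth else "anon", lookup_mark(ip), decide(ip, auth))
```
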
