----- Original Message -----
From: "Alan DeKok" <aland(_at_)ox(_dot_)org>
To: <asrg(_at_)ietf(_dot_)org>
Sent: Saturday, December 13, 2003 6:22 PM
Subject: Re: [Asrg] 6. Proposals: MTA MARK vs port 25 filtering?
Basically, these odd proposals to block port 25, for home users, is
tantamount to saying only ISP's can run servers.
I disagree. No one has ever talked about blocking port 25 for *all*
users. Port 25 blocking is only for users who have not agreed to be
held responsible for the messages they send.
I am not among them. :) I have said before, and will state again, that I
have no problem with an ISP providing Internet access provisionally, under
condition that they can block access to certain ports on abuse. No problem
with that, at all. Only when they side-step the presumption on innocence.
So then, what happened to the core function of an ISP? To provide
access to the Internet? I pay good money each month to have that
access, which includes my own mail server.
How does anyone else know? I've been harping on this topic for a
long time, and it keeps getting ignored.
I do not understand this question. How do you know I paid to have my own
mail server? As opposed to being "owned", you mean?
In return, my ISP can disallow access should abuse occur. But I can
live with that, as I know I will not abuse my connection. I wish I
could say the same about my ISP.
How do *I* tell your "responsible" MTA from an "owned" machine
sending spam?
For the most obvious reason I can think of: you have never received a spam
from me, nor would you ever. :)
I understand your side of the problem: you want to send
mail. Please *think*, and try to understand my side of the problem:
Without some additional information, you look *exactly* like a spammer
to me.
I guess there's the rub: the presumption of guilt. While true that I have
given you no proof that my relay is trustworthy, I have done nothing to the
contrary, either.
What information are you willing to provide to a recipient, to
demonstrate that you are responsible? What information will make the
recipient believe you are responsible?
The same information you will give, I reckon. If we're going to a system
with Certificate Authoraties, ala yayoo, then I will get such a Certificate.
Should we use SPF, I will implement that too (in fact, already have).
Though I administer not thousands of people for my domain, but only a few
hundred, the principle remains the same: I eagerly cooperate with any
proposal I can implement that the "community" has decided is needed to
establish trust. I spend an inordinate amount a day warding off spam,
adapting Milters, updates RBL list. etc. I am as opposed to spam as you are.
Except that I stop the buck at being branded the 'enemy' one fine day, just
because I do not have an ISP style connection to the Internet.
I don't understand this fervent opposition to change,
I am not opposed to change at all; it is just this particular form of
change, cutting off private port 25 acces from anyone who is not an ISP,
that I frown upon. In fact, my being on this list, and many like in nature,
is proof that I am rather interested in change, and eager to hear what
people have to say about ways to combat spam.
If the first axiom of ASRG is
that we're not going to change anything, and we're going to provide
free, unfettered, bare-ass-open access to the net; then we've just
decided to NOT address the spam problem.
Free access does not equal access without limtations. I am all for the fair
limitation that access is unfettered, until abuse occurs. But before that
time, I like my ISP to treat me as if I were innocent, until proven guilty.
- Mark
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg