Markus Stumpf wrote:
On Sun, Dec 14, 2003 at 03:48:47PM +1100, Brett Watson wrote:
Our contributor named "Mark" has been harping on the "presumption of
innocence" principle, but it's precisely the viability of that principle
that's in question here. There is a certain quantity of spam which exists by
abusing the "presumption of innocence", so called. It's a badly
emotionally-laden term, since to advocate the converse is to advocate
"presumption of guilt", and you may as well advocate the strangulation of
small furry animals and children while you're about it. Rather than
"presumption of guilt", we should have "explicitly negotiated access". We
could recommend that port 25 be available (in some cases) only when
explicitly arranged, not on the basis of prior "guilt" or "innocence", but
purely to make accountability explicit.
Folx, I don't get it ;-)
If you are running a mailserver (MTA) you are free to block every host
that you wish. Our mailserver (not for our customers) will not talk to
about 150 millions of IP addresses on the Internet. This list grows with
a rate of about 250000 a day. This is my decision as the receiver and
every receiver is currently free to make that decision.
So, why do you want to have any transport agents (aka ISPs) install
filters and remove your ability to make that decision on your own?
If it's blocked by the transport agency you have no way to reverse that,
no matter how your decision might be.
If the port is blocked you get no information on why it is blocked. So
the theoretical sender is still unknown to you. Maybe the ISP is having
an issue of some sort and is now blocking the sender with an attempt to
put pressure on him.
Port 25 is interrupting services and not speading policy or sender
information.
It seems to me that there are both sides have presented multiple
arguments, and no agreement is in sight. There are two questions being
asked in this and related threads:
1. Is MTA MARK a useful enough proposal to be pursued further IN
COMBINATION with other anti-spam tools and techniques (including port
filtering)?
2. Is port filtering, on port 25 especially, should be something that is
going to be recommended by the ASRG?
Based on the discussions back and forth, it seems to me that the answer
to the first question is 'YES', and the second question 'NO'. MTA MARK
provides enough useful benefits for the ones that can use it, in order
to continue researching it. Port blocking on the other hand seems
controversial enough, that it should be something best left to each ISP
to decide. Instead we should recommend that ISPs have a strict AUP and
actually enforce it.
Yakov
-------
Yakov Shafranovich / asrg <at> shaftek.org
SolidMatrix Technologies, Inc. / research <at> solidmatrix.com
"Be liberal in what you accept, and conservative in what you send" (Jon
Postel)
-------
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg