On Wed, Apr 07, 2004 at 03:01:58PM -0500, Pete Resnick wrote:
That means constantly coordinating with the ISP as to which IP
addresses are and are not MTAs. For ISPs that just give out a block
of IP addresses to the customer, that may be a huge increase in
administrative burden.
We're not one of the global player ISPs, but if we give out an IP block
we also delegate it to the customer, if the customer wants to. Ususally
customers with a /24 or bigger want.
The administrative burden is about 5-10 minutes work, mostly reading the
email and writing an answer. The rest are one or two NS entries
and (sometimes) a configuration line that adds our servers as
secondaries. If this happens during the setup period (the usual case)
it's part of the workflow.
It depends on the setup. For an ISP with a large number of small
customers who run their own DNSs, it will be more work. For those
managing both forward and reverse, it depends on the number of MTAs
and how often they change addresses.
From my experience especially MTA change *very* seldom, as all the
internal infrastructure would have to change, too. Ususally if they
replace a MTA with a newer version they reuse the IP address of the
old MTA, simply because it causes less problems.
accomplish HELO checking. But saying that failing to solve other
problems is a *negative* isn't an argument against doing so.
I totally agree. But how much of the spam problem do we want to solve?
As I wrote in another message we have a matrix of mesage types and MTA
types. The biggest problem group in the MTA type row are the 0wned
hosts at home users.
A solution that would only fix a very small portion of the problem
might fail broad acceptance.
I have to wonder whether IPv6 is going to change the answer we might
give to such a question.
If you ask IPv6 guys you will get a positive answer and I also think it
will. Problem again is the timeframe. IPv6 deployment is very slow.
\Maex
--
SpaceNet AG | Joseph-Dollinger-Bogen 14 | Fon: +49 (89) 32356-0
Research & Development | D-80807 Muenchen | Fax: +49 (89) 32356-299
"The security, stability and reliability of a computer system is reciprocally
proportional to the amount of vacuity between the ears of the admin"