spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: [spf-discuss] Can this really be true?

2005-09-23 14:42:19
from [Mark] [Permanent Link] 


-----Original Message-----
From: Dick St.Peters [mailto:stpeters(_at_)NetHeaven(_dot_)com] 
Sent: vrijdag 23 september 2005 23:08
To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Subject: Re: [spf-discuss] Can this really be true?




johnp writes:



I continue to be staggered by what is basically an open
relay in everyone's home or office in the USA. What other
countries ISP's allow such behaviour?


You are making some wild leaps here. ISPs limiting use of their
relays to their own users is hardly anything like "having an open
relay in everyone's home or office."


Indeed. A relay is ony "open" if people other than your own users have
access to it. I once asked a large ISP here, in the Netherlands, why they
do not enforce SMTP AUTH? The answer was as simple as it was true:
"Because doing so means dealing with 5,000 extra calls to our helpdesk."

Strictly speaking -- except for the size of the user-base, perhaps --
there is no difference between an ISP granting access to its network to
the IP addresses of its own customers, and people not enforcing SMTP AUTH
to folks on their home network.

Customers of an ISP basically can be said to 'buy into' a portion of
trust; should they abuse that trust, then the ISP will typically terminate
their account. Enforcing SMTP AUTH is actually of little consequence,
because the customer who spams is easily identified by his IP address --
recognized internally, by the ISP, that is; and having an "authid" in the
logs makes identifying that customers only marginally easier.

So, from the ISP point of view, I actually agree with the position of not
enforcing SMTP AUTH unless you have to; which is to say, when you need to
authenticate people who do not already have access to your network by
other means. Only if you gave people access to your network, without SMTP
AUTH, if they had not otherwise access to it, would you be an open relay.

- Mark 
 
        System Administrator Asarian-host.org
 
---
"If you were supposed to understand it,
we wouldn't call it code." - FedEx

-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [spf-discuss] Can this really be true?, Dick St.Peters
Next by Date:  Re: [spf-discuss] Can this really be true?, Gaven Henderson
Previous by Thread:  Re: [spf-discuss] Can this really be true?, Dick St.Peters
Next by Thread:  Re: [spf-discuss] Can this really be true?, johnp
Indexes:  [Date] [Thread] [Top] [All Lists]