On Wed, 24 Jan 2007, David MacQuigg wrote:
As Guy says, its a never-ending battle.
An IPwhois lookup on 206.18.177.0 shows an allocation of 206.16.0.0/14 by the
ARIN Regional Registry. That should cover the addresses shown by Rene and
Guy and any others in that block that Comcast might decide to use without
notice.
Like any address within 73.0.0.0/8 (comcast has lots of space...)
If that block includes a few zombies, Comcast's reputation will
suffer further. They can fix it by publishing a list of their authorized
servers, and excluding the zombies.
Of course by zombies here you mean any cable user no matter if his system
is or is not a spammer-controlled bot.
The strategy now is to not waste any time arguing with the Comcasts of the
world, but simply take whatever they give us, and let their reputation fall
where it may. There are plenty of companies like AOL that have an excellent
reputation, and it doesn't take much effort to go at least the first step -
publish your authorized servers. This should be easy even for a big company
that relies on spammers for most of its income. The zombies are not paying
customers.
I've been told comcast mail servers are not hidden "on purpose",
its just that they still operate with number of separate units and
separated network segments and they want some of those separate
networks to have their own mail servers both to distribute traffic
from their users and to allow flow of mail when there are network
issues between their network segments... But in fact actually what
you're seeing is nowhere quite as bad as it could have been if they
entirely followed this strategy (so quite a bit of centralization
does take place). Note also that as bureaucracies go this is a big one
(worse then MS and you may remember problems they had updating their
SPF record), just collecting all the data from their various
subdivisions would be difficult task for such a company.
The next step is where it gets interesting. Comcast could use different IDs
for different mailflows, allowing the reputation of 'comcast.net' to fall
where it may, and using a different ID for their reputable mail. Spammers
would then demand that their mail be sent under the reputable ID, and Comcast
would have a tough decision. However they try to hide it, the basic deal
will involve selling reputation earned by their non-spam customers to people
who will quickly ruin that reputation. My guess is Comcast will say no, and
the spammers will lose. If they say yes, their non-spam customers will move
to another company. What is left won't be worth anything to even the
spammers.
The problem is that Comcast is a monopoly in its sector - you can not
get cable internet through somebody else (DSL and wireless are however
a competitor but its not quite the same and there may not be good
alternatives in some areas). And for monopolies typical market economy
strategy as you outline would not work (i.e. users would not be able
to leave and could suffer even if provided bad service). But not
everything is lost - in US such monopolies are controlled through
government regulation, so feedback lopp here would not be that
users complain about bad reputation to the government which tries
to regulate by requiring them to abide by certain policies and
deal with complaints in certain time basis, but I'm just guessing
as to where and how it would go.
The only language they understand is $$$.
This is a big oversimplification. Our business and economy system
is a lot more complex and $$$ is not the only thing that matters.
In fact over the years I came to realize that $$$ and maximizing
profits is in many cases a problem as it causes companies to
make decisions not on merits and technical good but on other
factors. Luckily in some areas their choice of actions are
limited by various laws and its good because otherwise we'd
be living in pretty bad and brutal world with big devisions
people working in different sectors and professions (although
I have to note that while trend between 1930-1970 in US was
to decrease difference, lately the gap began to grow again).
But I think I need shut up now as I'm moving off way OT to
what's discussed on this list.
--
William Leibzon
Elan Networks
william(_at_)elan(_dot_)net
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?list_id=735