Re: botted hosts

["Sam Hayes Merritt, III" <sam () themerritts org>]

> Unblocking on customer request is an expensive operation, for both the 
> ISP and the customer.

> And they frequently assume that network operations changes are 
> free---Comcast reported that it would cost $58 million to implement port 
> 25 blocking and notify customers, just for Comcast.

Anyone can come up with a number to convince themselves that they don't 
need to do the 'right thing'. Comcast is probably using Docsis. Docsis 
makes applying filters on a per user basis pretty darn easy.

AOL blocks outbound 25.

Earthlink for the most part does (we only refused 148 emails from them 
yesterday from places like user-0c2i2vr.cable.earthlink.net and 
user-0c2if7q.cable.earthlink.net, they might block port 25 by fefault for 
as much as I know)

We block outbound port 25 on our residential connections by default. Of 
those, only 2.4% currently have requested that we not filter them.

The $ excuse just doesn't fly. RR and Comcast know this. Other providers 
have tackled the problem. I've seen the Spamcop reports on our retail 
connections drop to just about nothing since filtering our users.

> On a deeper level, I discovered (its not at proof level, but probably at
> 'strong conjecture' level) that results from information theory show that
> spam cannot be stopped technically.

Yep. Cannot be stopped. But if I disable what I am currently doing to keep 
the rest of the world out, my users damn sure notice. I do what I can, 
grab the low lying fruit, get them knocked out of the way and then go for 
the harder problems.


sam