RE: Time to check the rate limits on your mail servers

["Miller, Mark" <mark.miller () qwest com>]

  How come it is always about controlling the symptoms and not the
illness?  The vast majority of these
"spam drones" are compromised WINDOWS machines.  If the operating system
and dominant email applications so easily allows the users' machines to
be taken over by a third party, then there is something wrong with the
operating system and the mail applications.  It occurs to me that the
solution is not to limit the range of destruction, but to defuse the
bomb.  Perhaps the focus for a solution should move up the model to
layer 7.

- Mark



-----Original Message-----
From: owner-nanog () merit edu [mailto:owner-nanog () merit edu] On Behalf Of
Michael.Dillon () radianz com
Sent: Thursday, February 03, 2005 8:47 AM
To: nanog () merit edu
Subject: Re: Time to check the rate limits on your mail servers



> > Do you let your customers send an unlimited number of emails per 
> > day? Per hour? Per minute? If so, then why?
>
> Doing that - especially now when this article has hit the popular 
> press and there's going to be lots more people doing the same thing - 
> is going to be equivalent of hanging out a "block my email" sign.

I don't understand your comment. This is an
arms race. The spammers and botnet builders
are attempting to make their bots use the 
exact same email transmission channels as 
your customers' email clients. They are
getting better at doing this as time goes
on. I think we are at the point where the
technical expertise of the botnet builders
is greater than the technical expertise of
most people working in email operations.

...