nanog mailing list archives
Re: marking dynamic ranges, was fixing insecure email infrastructure
From: Markus Stumpf <maex-lists-nanog () Space Net>
Date: Tue, 25 Jan 2005 19:34:23 +0100
On Tue, Jan 25, 2005 at 12:51:43PM -0500, Valdis.Kletnieks () vt edu wrote:
On Tue, 25 Jan 2005 09:43:06 PST, "J.D. Falk" said:(I'm also surprised you need 300 servers to handle such a small load -- what is that, ~3333 messages per server per day?)Some mail software scales better than others. ;)
And some laws are more braindead than others. In Germany providers of telecommunications are not allowed to filter or block communication if there is no evidence that it would result in severe operational issues (no closer definition) like e.g. in a DoS. Providers of telecommunications can also be companies that allow their employees to receive private email (or better that do not explicity forbid receiving private email in the contract). This means you cannot easily implement and activate spam filters without permission and a lot of legal mumbo jumbo with each user/employee/customer. So we host mailservers just like we host webservers. Now the mailserver is under the authority of the customer and we "only" do software/security management, but the customer is activating (content) filters, virus scanners and blocks within their own responsibility via web interfaces. Also, there is a new law since 1.1.2005 which forces providers of telecommunications that run more than 1000 Mailboxes to purchase and operate "black boxes" that replicate all email traffic and make it available to government investigators/law enforcement agencies. Because all of this we gave up on the concept of one single mailserver (cluster). \Maex -- SpaceNet AG | Joseph-Dollinger-Bogen 14 | Fon: +49 (89) 32356-0 Research & Development | D-80807 Muenchen | Fax: +49 (89) 32356-299 "The security, stability and reliability of a computer system is reciprocally proportional to the amount of vacuity between the ears of the admin"
Current thread:
- Re: fixing insecure email infrastructure (was: Re: [eweek article] Window of "anonymity" when domain exists, whois not updated yet), (continued)
- Re: fixing insecure email infrastructure (was: Re: [eweek article] Window of "anonymity" when domain exists, whois not updated yet) Steven Champeon (Jan 12)
- Re: fixing insecure email infrastructure (was: Re: [eweek article] Window of "anonymity" when domain exists, whois not updated yet) Andre Oppermann (Jan 13)
- Re: marking dynamic ranges, was fixing insecure email infrastructure John Levine (Jan 13)
- Re: marking dynamic ranges, was fixing insecure email infrastructure Markus Stumpf (Jan 24)
- Re: marking dynamic ranges, was fixing insecure email infrastructure Suresh Ramasubramanian (Jan 24)
- Re: marking dynamic ranges, was fixing insecure email infrastructure Markus Stumpf (Jan 25)
- Re: marking dynamic ranges, was fixing insecure email infrastructure Valdis . Kletnieks (Jan 25)
- Re: marking dynamic ranges, was fixing insecure email infrastructure Markus Stumpf (Jan 25)
- Re: marking dynamic ranges, was fixing insecure email infrastructure J.D. Falk (Jan 25)
- Re: marking dynamic ranges, was fixing insecure email infrastructure Valdis . Kletnieks (Jan 25)
- Re: marking dynamic ranges, was fixing insecure email infrastructure Markus Stumpf (Jan 25)
- Re: marking dynamic ranges, was fixing insecure email infrastructure Suresh Ramasubramanian (Jan 25)
- Message not available
- Re: fixing insecure email infrastructure (was: Re: [eweek article] Mark Andrews (Jan 13)
- Re: fixing insecure email infrastructure (was: Re: [eweek article] Owen DeLong (Jan 13)
- Re: fixing insecure email infrastructure (was: Re: [eweek article] william(at)elan.net (Jan 13)
- Re: fixing insecure email infrastructure (was: Re: [eweek article] Suresh Ramasubramanian (Jan 13)
- Re: fixing insecure email infrastructure (was: Re: [eweek article] Todd Vierling (Jan 14)
- Re: fixing insecure email infrastructure (was: Re: [eweek article] Mark Andrews (Jan 14)
- Re: fixing insecure email infrastructure (was: Re: [eweek article] Paul Vixie (Jan 14)
- Re: fixing insecure email infrastructure (was: Re: [eweek article] Markus Stumpf (Jan 24)
- Re: fixing insecure email infrastructure (was: Re: [eweek article] Mark Andrews (Jan 24)