nanog mailing list archives
Re: SMTP rate-limits [Was: Re: ingress SMTP]
From: Michael Thomas <mike () mtcc com>
Date: Fri, 05 Sep 2008 07:46:00 -0700
Paul Ferguson wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -- Simon Waters <simonw () zynet net> wrote:If the ISP blocks port 25, then the ISP is taking responsibility fordelivering all email sent by a user, and they have to start applying rate limits. Otherwise if they send all email from their users, all they've done is take the spam, and mix it in with the legitimate email, making spam filtering harder.Okay, I can understand why an ISP might want to apply SMTP rate-limits, but to clarify, I'm assuming you meant that ISPs (if they do block tcp/25 outbound to anything other than their own MTAs) need to watch for excessive SMTP utilization, which might indicate a spammer-client (?). ...as opposed to arbitrary SMTP rate-limits. Yes?
I thought that these bot nets were so massive that it is pretty easy for them to fly under the radar for quotas, rate limiting, etc. Not that all bot nets are created equal, and there aren't local hot spots for whatever reason, but putting on the brakes in a way that users wouldn't feel pain is simply not going to make any appreciable difference in the overall mal-rate. No? Mike
Current thread:
- SMTP rate-limits [Was: Re: ingress SMTP] Paul Ferguson (Sep 05)
- Re: SMTP rate-limits [Was: Re: ingress SMTP] Michael Thomas (Sep 05)
- Re: SMTP rate-limits [Was: Re: ingress SMTP] Tony Finch (Sep 05)
- RE: SMTP rate-limits [Was: Re: ingress SMTP] Frank Bulk (Sep 06)
- Re: SMTP rate-limits [Was: Re: ingress SMTP] Michael Thomas (Sep 05)