nanog mailing list archives
Re: ISP port blocking practice
From: "Patrick W. Gilmore" <patrick () ianai net>
Date: Mon, 6 Sep 2010 17:54:49 -0400
On Sep 6, 2010, at 9:22 AM, Brett Frankenberger wrote:
> On Sun, Sep 05, 2010 at 09:18:54PM -0400, Jon Lewis wrote:
>> Getting rid of the vast majority of open relays and open proxies didn't solve the spam problem, but there'd be more ways to send spam if those methods were still generally available. The idea that doing away with open relays and proxies was ineffective, so we may as well not have done and should go back to deploying open relays and open proxies is silly.
>
> Is it? It's likely true that the amount of spam sent through open relays today is smaller than the amount of spam sent through open relays 10 years ago. If the objective is "less spam via open relays", closing down open relays was a raging success. But that's not the objective. The objective is less spam, and there's certainly not less spam today than there was 10 years ago. Of course, those who worked to close open relays might argue that there would be even more spam today if there were still open relays. But they don't know that and there's no real evidence to support that.

You are incorrect. There is vast evidence that closing open relays resulted in less spam. You can do a very simple experiment to satisfy your own curiosity. Open your SMTP host or HTTP proxy, wait a couple days and see what happens.

> The theory behind closing open relays, blocking port 25, etc., seems to be: (a) That will make it harder on spammers, and that will reduce spam -- some of the spammers will find other ways to inject spam, but some will just stop, OR (b) Eventually, we'll find technical solutions to *all* the ways spam is injected, and then there will be no more spam.

To be clear, even if there were not "vast evidence" blocking port 25 helped lower spam loads (and there _is_), it should still be filtered on residential / dynamic pools. There is more DDoS today than ever before. I guess we should all enable directed broadcast again. Miscreants aren't using smurf attacks (or at least I haven't seen it, therefore it doesn't exist, right?), and there are tons of other ways to DDoS people. So we should just open them back up, right? If that doesn't sound ridiculously stupid to you, then you know nothing of DDoS fighting either. And if it does sound stupid to you, .. well, I think you get the point.

> There's little evidence for either.

You are wrong. If you do not actually know something (and "I haven't heard of it" or "my friends don't like it" or "I don't see how ..." does not equal "I -know-"), then please refrain from making factual sounding statements. [Yeah, yeah, this is NANOG. Chances of that happening are nil. But at least the people who are willing to make such statements are self-identifying for easy future reference.]

--
TTFN,
patrick