Re: The home user problem returns

[Mason Schmitt <mason () schmitt ca>]

Brian Loe wrote:
> > While I think that user ed is still a critical piece to the 
> > puzzle, I think that the way that we go about attempting to 
> > educate needs to change.  That's what I was trying to get 
> > across in my last email.  It takes one on one interaction with people.
>
>
> If Ed WANTS to learn, he'll learn. If Ed wants his porn, you're annoying
> him, go away.

That's completely true.  No argument here at all.

> Why has spam control become the responsibility of the ISP? Unless it's
> originating from your network - and you have specifically disallowed such
> usage on your network via contractual agreements between you and the
> customer - why do you care how much spam your customers get? Only as an
> add-on service should an ISP be involved.

Haven't you heard?  Spam is a global problem.  Many of the means of
dealing with spam involve voluntary cooperation from as many people as
possible to combat the problem.  That cooperation entails such things as
outbound port 25 blocks at ISPs.

As for the recipient of the spam.  Most ISPs now do a basic level of
inbound spam filtration, just to ease the load on their mail servers,
let alone appease angry customers.  Most ISPs also offer a subscription
anti-spam service to those that want it.  If you don't want to subscribe
to the anti-spam service, I assure you that there is still tons left
over after the ISP's basic filtering- you'll get all the spam you handle.

> I guess I'm still confused. What issues are you having because of your
> customer's lack of security? Loss of bandwidth? Attacks on your internal
> network? What, exactly, is the result of your customers being bad?

I'll give you some examples in a sec, but first, since we are tossing
quotes around, here's one for you, "An ounce of prevention is worth a
pound of cure".  I know that I have to do my part and hope that others
do theirs.  As a result the problem will diminish overall.

Here's an example that's not related to Internet access and bandwidth.
In North America (and starting to become a problem in most developed
nations), smoking is becoming a huge problem.  Smoking is known to be
linked to many forms of cancer, birth defects, gum disease, many
respiratory diseases, etc, etc. - it's a really long list.  Some people
consider smoking to be a personal choice, so lets run with that.  My
first argument pertains more to Canada and other countries that have
public medical systems.

When enough people choose to smoke, they are placing an unnecessary
burden on the public medical system, thereby degrading it for everyone else.

You may be one of those militant smokers that feels it is their right to
smoke wherever they please.  If you decide you want to smoke in public,
you may be smoking next to someone that is an asthmatic.  It's well
known that second hand smoke is just as deadly, if not more so, than the
smoke you pull through your filter - if you and other militant smokers
get their way, non smokers are now suffering the same health problems
that are common amongst smokers.  Other people may be enjoying the fresh
air or a good meal and you are denying them that.  The effect can even
be as simple as making someone else's clothes stink.  No matter how you
look at it, this is more than just your problem - you are involving
other people that may not want to have anything to do with you.


I promised I'd give you an example relating to your use of your Internet
connection.  Here's one really good example for you.

Recently a bot found it's way onto a customer's computer.  That bot
setup shop and began to send spam... through our not-so-smart smarthost.
 The bot was also a worm and it started spewing like crazy trying to
find more hosts - it found some on our network and would have found some
out on the net if I hadn't put egress filters in place on our router a
year or two ago.

I got called into work outside normal hours to track down the bot, our
support people had to call the customer to let them know and they also
turned of the customer's modem until the infection was cleaned out.
They then had to start calling other customers and doing the same.

In the short time that the spam was flowing, our mail server managed to
find it's way onto a couple blacklists.  As a result, customers that
didn't get the worm were still being affected because some of their
email bounced due to other mail admins using the blacklists that we
ended up on.  This in turn generated support calls.

I then kicked myself for not having implemented rate limiting and really
basic spam filtering on our outbound smtp relay like I had planned to
and set about working out how I was going to do that.  It turns out that
it not feasible with our current solution, so this week I'm working on
building a new mail server that will allow me to do the egress filtering
I need to do.

All in all, the fact that there weren't more safe guards in place cost
us time and money and affected a fair number of customers.  It has also
pulled me away from other important work and thus I get further behind.

If that doesn't paint a clear enough picture of why you should not be
able to have a wide open un-restricted pipe of your own, let me know and
I'll give you some more examples.

--
Mason
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards