nanog mailing list archives
Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at
From: Paul Vixie <vixie () vix com>
Date: 27 Aug 2002 07:43:04 +0000
...and, occasionally, your ISP's "abuse desk." If this function of your ISP costs less than 1 FTE per 10,000 dialups or 1,000 T1's or 100 T3's, then your ISP is a slacker and probably a magnet for professional spammers as well.
Not to try to undercut the general point, but that would imply that Earthlink, AOL, and MSN (for examples) should have a combined abuse department of roughly 1500 employees. Well, perhaps those were poor examples then.
as i told patrick, the numbers are round, and a survey is needed. it's definitely going to be the case that scale will lead to economy, and AOL could most likely get by with only 100 full time "abuse desk" staffers as long as the rest of their service model were optimized to make abuse difficult to propagate. i doubt they will comment in detail here, since the actual numbers are likely to be some kind of internal secret. i know i get far less spam from AOL than i used to, and i've assumed that this is because they decided to address the costs at the front end (in their service model) rather than the back end (in endless cleanup.)
It would be wonderful if it were the case, and while it seems like laziness when we talk about the big guys, most middle sized providers just don't have the operating budgets to not slack at least a little bit.
whenever you get spammed, it's because some isp somewhere is a slacker, and is letting you pay the price for their lack of investment in this critical area. (spam is not unlike route flaps in this way, i suppose.)
But this debate (I'm not debating with *you*) keeps coming around full circle. Perhaps the real social problem is convincing whatever standards bodies and vendors necessary that it is a technical problem.
i think it's clear that everybody wants it to be somebody else's problem.
There seems to be far too much apathy (FUD?) rather than just designing a partial solution, however imperfect, and implementing it.
as the designer of several partial solutions which have been implemented, i agree from experience. spam's assymetric cost:benefit ratio (between a spammer and a victim) really institutionalizes apathy. the benefit to one spammer in being able to outwit a defense is a measurable success in that day's events. the benefit to one victim in being able to erect a defense which stops one kind of spam or spam from one source or what have you is immeasurably small compared to the deluge of other crap that'll come over the gunwales in the same diurnal period. no solution which does not progressively leverage the combined small efforts of millions of spam victims will ever be measurably effective other than in some small locality and/or for some brief instant. see the DCC for an example (http://dcc.rhyolite.com/) of how to build and apply that leverage. (i'm not giving the reference to vipul's razor because i said "millions.") -- Paul Vixie
Current thread:
- RE: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at, (continued)
- RE: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at Barry Shein (Aug 30)
- Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at smtpng.org) John M. Brown (Aug 26)
- Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at smtpng.org) Iljitsch van Beijnum (Aug 26)
- Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at Paul Vixie (Aug 26)
- Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at Patrick (Aug 26)
- Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at Paul Vixie (Aug 26)
- Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at Patrick (Aug 26)
- Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at Scott A Crosby (Aug 29)
- Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at Paul Vixie (Aug 29)
- Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at David Van Duzer (Aug 26)
- Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at Paul Vixie (Aug 27)
- Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at Paul Vixie (Aug 27)
- Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at Barry Shein (Aug 27)
- Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at Brad Knowles (Aug 27)
- Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at Paul Vixie (Aug 27)
- Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at Brad Knowles (Aug 27)
- Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at smtpng.org) Jim Hickstein (Aug 27)
- Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at smtpng.org) Brad Knowles (Aug 28)
- Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at smtpng.org) Brad Knowles (Aug 26)
- Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at smtpng.org) Randy Bush (Aug 26)
- RE: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at smtpng.org) Jeroen Massar (Aug 26)