nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Fun new policy at AOL

From: "Dr. Jeffrey Race" <jrace () attglobal net>
Date: Tue, 11 Nov 2003 20:05:35 -0500

On Fri, 29 Aug 2003 00:05:50 +0100 (BST), Stephen J. Wilcox wrote:

On Fri, 29 Aug 2003, Dr. Jeffrey Race wrote:

On Thu, 28 Aug 2003 12:07:30 -0400, Matthew Crocker wrote:

It can be built without choke points.  ISPs could form trust 
relationships with each other and bypass the central mail relay.  AOL 
for example could require ISPs to meet certain criteria before they are 
allowed direct connections.  ISPs would need to contact AOL, provide 
valid contact into and accept some sort of AUP (I shall not spam 
AOL...) and then be allowed to connect from their IPs.  AOL could kick 
that mail server off later if they determine they are spamming.


Now there is an idea!  However an improved variant is to make the
entire internet a 'trust relationship' using the (obvious) steps you
propose.   For several months I have been pondering possible details of
implementing same; see <http://www.camblab.com/misc/univ_std.txt>.
Comments welcome.


Surely it already is ? That is I only announce routes of my customers who I 
trust, my upstreams and peers trust me and what i announce to them, their 
upstreams/peers do and so on. And yet we still have hijacked netblocks and 
ddos's with uncaring sysadmins. Why should email be any different?

And if you do implement such a system, the spammers will just adapt.. the 

recent 

viruses (sobig) are an example of how spammers can open up end user machines to 
facilitate sending of email, providing they can control such a host they can 
simply relay thro the providers' smtps.. they dont need open relays to send out 
their junk!


The proposal at <http://www.camblab.com/misc/univ_std.txt> provides that
mail from compromised sources shall be rejected.  This forces the host 
sysadmin to secure his system if he wants to communicate with the rest of
the internet.   Presently the penalty for negligence is borne by the
victim, not the perpetrator.   The unique aspect of the proposal is to
attach consequences to actions, a principle which is used everywhere in
society except the Internet.

Jeffrey Race
Previous By Date Next
Previous By Thread Next

Current thread: