FW: The worst abuse e-mail ever, sverige.net

[Daniel Golding <dgolding () burtongroup com>]

On 9/21/04 1:00 PM, "james edwards" <hackerwacker () cybermesa com> wrote:

> > Sheesh. Get over /yourself/. Your network is rude by its very existence,
> > if it lets spammers relay crud by way of it. Your own arrogance in
> > thinking it's not your problem to fix is astounding.
>
> I did no say it is not my problem, we have a 10 year history of being
> very pro-active for all abuse issues and have a dedicated staff person to
> deal with these issues. Slaming my mail admin because a dial up user has a
> virus
> is rude, period. Our dial up address space is listed, if people choose to
> block
> mail from that space.
>
> james

To shift this to a more operational tone...

Networks make choices. One choice is to declare their dynamic space and put
the duty of ignoring emails from dialups users on the receiving networks.
Another choice is to filter port 25. Filtering port 25 has its own costs -
some users are offended/bothered by this, since they can't use their own
corporate mail servers, in some cases.

If a network makes the choice of putting the duty of filtering on the
receiving party, they need to accept that this will upset some of those
receivers. Today's security environment means that spam-sending viruses are
common. 

The only responsible thing to do is filter port 25, smarthost for your
users, and inform them about using the alternate submission port with
authenticated SMTP in order to work with enterprise mail servers - or IPSec
VPNs, for that matter. This is simply the best practice, at this point in
time. Using humans ("dedicated staff person") to stop spam isn't scalable -
automated processes are sending this stuff, we need systematic ways to fight
it - black/white lists, SPF, port 25 filtering, bayesian filtering and other
tools.

-- 
Daniel Golding
Network and Telecommunications Strategies
Burton Group