nanog mailing list archives
Re: FW: The worst abuse e-mail ever, sverige.net
From: Steven Champeon <schampeo () hesketh com>
Date: Tue, 21 Sep 2004 23:58:56 -0400
on Tue, Sep 21, 2004 at 05:52:12PM -0600, Allan Poindexter wrote:
Daniel> The only responsible thing to do is filter port 25, Daniel> smarthost for your users, and inform them about using the Daniel> alternate submission port with authenticated SMTP in order Daniel> to work with enterprise mail servers - or IPSec VPNs, for Daniel> that matter. This is simply the best practice, at this point Daniel> in time. Using humans ("dedicated staff person") to stop Daniel> spam isn't scalable - automated processes are sending this Daniel> stuff, we need systematic ways to fight it - black/white Daniel> lists, SPF, port 25 filtering, bayesian filtering and other Daniel> tools. Let's put this in perspective. Say a hypothetical sysadmin were to disable any and all authentication on his SSH server. And that someone then used SSH from your network to run code that sysadmin didn't like on that machine. Would you then consider it reasonable if the sysadmin proposed: The only responsible thing to do is filter port 22, smarthost for your users, and inform them about using the alternate submission port with authenticated SSH in order to work with enterprise SSH servers - or IPSec VPNs, for that matter. This is simply the best practice, at this point in time.
OK, now let's make it more in line with modern practice: Say a protocol more or less completely lacked server-server authentication, or a way to distinguish between client and server, and that then every day, for ten years, hundreds and thousands of professional criminals used weaknesses in the monopoly OS to plant software completely under their control on fifty million (or so) of these vulnerable hosts, and then took advantage of the aforementioned weakness in the protocol to own anywhere from a quarter to 90% of all inbound transmissions to your server- all selling illegal, immoral, or extralegal services and products, to the point that some users of that protocol literally drown in said deluge, and also that a major proportion of said submissions were addressed to users who don't exist, never existed, only exist because of inventive viruses (see "monopoly OS"), or completely fictional and created by aforementioned professional abusers, and sold to other naive abusers, or were the helpful notices provided to said forged addresses after accepting the submissions, rather than rejecting at submission time. Oh, and outbound connections aren't expected from the vast majority of those hosts. Yes, I think this a reasonable response to use everything at our disposal to refuse the majority of the unwanted submissions. But hey, I'm just a mail admin with 65% inbound mail identified as abusive. Obviously I don't have any of these hypothetical concerns. -- join us! http://hesketh.com/about/careers/web_designer.html join us! hesketh.com/inc. v: +1(919)834-2552 f: +1(919)834-2554 w: http://hesketh.com join us! http://hesketh.com/about/careers/account_manager.html join us!
Current thread:
- Re: The worst abuse e-mail ever, sverige.net, (continued)
- Re: The worst abuse e-mail ever, sverige.net Steven Champeon (Sep 21)
- Re: The worst abuse e-mail ever, sverige.net Jon Lewis (Sep 21)
- Re: The worst abuse e-mail ever, sverige.net james edwards (Sep 21)
- FW: The worst abuse e-mail ever, sverige.net Daniel Golding (Sep 21)
- Re: FW: The worst abuse e-mail ever, sverige.net Daniel Senie (Sep 21)
- Re: FW: The worst abuse e-mail ever, sverige.net Steven Champeon (Sep 21)
- Re: FW: The worst abuse e-mail ever, sverige.net Mikael Abrahamsson (Sep 21)
- Re: FW: The worst abuse e-mail ever, sverige.net Joe Provo (Sep 21)
- Re: FW: The worst abuse e-mail ever, sverige.net Allan Poindexter (Sep 21)
- Re: FW: The worst abuse e-mail ever, sverige.net Brian Wallingford (Sep 21)
- Re: FW: The worst abuse e-mail ever, sverige.net Steven Champeon (Sep 21)
- Re: FW: The worst abuse e-mail ever, sverige.net Allan Poindexter (Sep 22)
- Re: FW: The worst abuse e-mail ever, sverige.net Daniel Senie (Sep 21)
- Re: FW: The worst abuse e-mail ever, sverige.net Douglas Otis (Sep 21)
- port 25 blocking [Re: FW: The worst abuse e-mail ever, sverige.net] Mikael Abrahamsson (Sep 21)
- Re: port 25 blocking [Re: FW: The worst abuse e-mail ever, sverige.net] Valdis . Kletnieks (Sep 21)
- Re: port 25 blocking [Re: FW: The worst abuse e-mail ever, sverige.net] Douglas Otis (Sep 21)
- Re: FW: The worst abuse e-mail ever, sverige.net Steven Champeon (Sep 21)
- Re: FW: The worst abuse e-mail ever, sverige.net Lars-Johan Liman (Sep 22)
- Re: FW: The worst abuse e-mail ever, sverige.net Steven Champeon (Sep 22)