nanog mailing list archives
Re: Outgoing SMTP Servers
From: Brian Johnson <bjohnson () drtel com>
Date: Tue, 1 Nov 2011 01:12:32 +0000
Sent from my iPad On Oct 31, 2011, at 1:30 PM, "Jack Bates" <jbates () brightok net> wrote:
On 10/31/2011 11:48 AM, Michael Thomas wrote:I've often wondered the same thing as to what the resistance is to outbound filtering is. I can think of a few possibilities: 1) cost of filtering 2) false positives 3) really _not_ wanting to know about abuseOn the other hand, you have 1) cost of tracking 2) support costs handling infections It's really an range from "easiest and cost effective" to "doing it right". I personally run hybrid. There are areas that are near impossible to track; this is especially true for wide area wireless/cellular/NAT areas. I always recommend my customers block tcp/25, even to the local smarthosts. Use 587 and authentication to support better tracking. It's a hack, though, as it doesn't stop other abuses and it won't fix the underlying root cause.
Let me know when u can "fix" the root causes. The two I know of: 1. Bad actors 2. Clueless users
In locations that support ease of tracking, using a mixture of feedback loops with proper support is usually the proper way. This allows notification and fixing of the root cause. In our case, we recommend quick suspensions to demonstrate to customer how seriously we take the problem, and then we point out that the sending of spam/scanning is only the easier to detect symptoms. It is unlikely we'll notice if they have a keylogger as well.
Still not the real root cause, but close. ;) Largely in agreement otherwise. - Brian
Current thread:
- Re: Outgoing SMTP Servers, (continued)
- Re: Outgoing SMTP Servers William Herrin (Oct 27)
- Re: Outgoing SMTP Servers Joel jaeggli (Oct 27)
- Re: Outgoing SMTP Servers William Herrin (Oct 28)
- Re: Outgoing SMTP Servers -Hammer- (Oct 28)
- Re: Outgoing SMTP Servers Jay Ashworth (Oct 28)
- Re: Outgoing SMTP Servers Dave CROCKER (Oct 30)
- Re: Outgoing SMTP Servers Brian Johnson (Oct 30)
- Re: Outgoing SMTP Servers Dave CROCKER (Oct 30)
- Re: Outgoing SMTP Servers Michael Thomas (Oct 31)
- Re: Outgoing SMTP Servers Jack Bates (Oct 31)
- Re: Outgoing SMTP Servers Brian Johnson (Oct 31)
- Re: Outgoing SMTP Servers Jack Bates (Oct 31)
- Re: Outgoing SMTP Servers Robert Bonomi (Oct 31)
- Re: Outgoing SMTP Servers Brian Johnson (Oct 31)
- RE: Outgoing SMTP Servers Keith Medcalf (Oct 31)
- Message not available
- Re: Outgoing SMTP Servers William Herrin (Oct 30)
- Re: Outgoing SMTP Servers Valdis . Kletnieks (Oct 28)
- RE: Outgoing SMTP Servers Brian Johnson (Oct 28)
- Message not available
- RE: Outgoing SMTP Servers Brian Johnson (Oct 28)
- Re: Outgoing SMTP Servers Owen DeLong (Oct 28)
- Re: Outgoing SMTP Servers Bill Stewart (Oct 28)