<<< Chronological >>> Author Index    Subject Index <<< Threads >>>

Re: Getting open smtp servers fixed


    I'm following this discussion since a few days and I would
    like you to explain certain things to me, because I think
    that most anti-spam measures I read about either won't work
    or are even worse than the spam itself.
Most anti-spam measures *do* work, but the way they're
sometimes implemented *can* be as counterproductive and
annoying as spam itself.
    
    Many ISPs have very easy sign up procedures which allow a
    spammer to use always one shot "real accounts".
There isn't an infinite number of ISP's, and once an ISP
is identified as a frequent spam source, lots of sites
will refuse all e-mail from or via that ISP.
    
    	It's important to stop spam at the source, but that is a lot
	easier if you know that they won't be able to relay it over
	some unsuspecting relay host somewhere in the world.
    I agree, relaying is a legacy feature which we don't need
    anymore.
We *do* need them: each and every MX fallback host is a
relay by definition. I suspect you're mixing up "relays"
in this context and "relays" in the sense of store-and-
forward hosts as they were used e.g. by UUCP. And even
UUCP is still widely around...

    	(For example: what good is it if I close my SMTP port for SMTP
	connections coming from UUnet customers if they send their junk
	over your mailer instead?)
    What gives you the right to block the mailer of a particular
    ISP without distinguishing between its spamming and its
    non-spamming customers ?
End sites by definition have that right: their sysadmins
*have to* protect users and systems in their organisation
as much as possible from spam, because it steals resources
and causes a *lot* of irritation. Sorry for the good-willing
customers, but if an ISP is a notorious source op spam and
doesn't take effective measures to stop it, then blocking
that ISP is a *necessity* and good-willing user should go
to a more serious and decent ISP.

    Punishing innocent people is definitely inacceptable !
Not always: it's a choice between bad and worse. A choice
one has to make often in everyday life.

    	Open third-party relays make tracing and stopping spam a lot harder,
	and should be closed.  The sooner the better.  The more noise is made
	about open relays, the better.
    I don't think that closing all relays is a strong weapon
    against spammers,
Oh yes, it is! That is: closing all hosts that are open
to *third party relaying*, because that's the issue here.
Such "public" relays are an excellent way for spammers to
stay anonymous and hardly -if at all- traceable. Once ALL
such "public" relays are closed, the Internet will be a
much harsher place for spammers. But by then they'll have
found other ways to spread their crap...


	Piet




<<< Chronological >>> Author    Subject <<< Threads >>>