Re: Getting open smtp servers fixed
- Date: Fri, 11 Sep 1998 16:42:31 +0200 (CEST)
On Fri, 11 Sep 1998, Richard Kettlewell wrote:
> > What are the defenses?
> >
> > a) Make spam illegal, so that the penalty is a little bit higher than a
> > cancelled subsription. But we have to be careful with what we wish
> > for -- someone's free speech will very much look like someone else's
> > spam.
> >
> > b) use "artificial intelligence" software to detect spam before it reaches
> > the user's mailbox.
>
> c) filter out all port 25 tcp connections from dialup customers unless
> they are to yoru smarthost(s).
>
> The spammer can still use the smarthost (much as if they were using an
> open relay, of course) but you by forcing all the mail through a
> single point the ISP can more easily detect the spammer early on.
>
> Legitimate customers shouldn't mind being constrained to route all
> their mail via your smarthost. Nonetheless some ISPs might very well
> feel unable to implement this strategy for whatever reason.
>
> ttfn/rjk
>
Most spam-traps today are implemented on the receving side. I would like
to see spam beeing blocked as close to the source as possible. It would
require software changes and a sufficient transition-phase, and isn't
something that can be implementet overnight. My suggestions may seem too
restrictive to some people. The main objective is to try to turn the
attention to the source of the problem instead of imposing extra workload
on administrators handling spam on the receiving end.
Here is a rough indication of what I would like to happen:
1. Having a database containing trusted MTA's which can be used by those
who want strict filters.
2. All MTA's to be registered must be scanned and approved before they
are registered in the database.
3. Periodically scan the trusted MTA's to detect changes which may
cause MTA's to act as open relays.
4. Implement filters in MTA's which limits the number of messages and
recipients that one single source can send messages to (eg. ~25
messages/hour). Also implement an option to allow certain customers to
send larger volumes. There are companies/organizations who have valid
reasons to send messages to their customers/members. As these
would be registered users they can easily be identified and dealt with by
their ISP if they violate the agreement.
5. ISP's install the MTA's descibed in 4 and force their clients to
transmit all their messages through these MTA's (In fact enforcing the use
of "outgoing mail relays"). Large private networks with their own MTA's
connected thorugh leased lines should be handled as an ISP wrt
registration in the trusted MTA database.
6. Receiving MTA's need to be able to look up the information stored in
the datbase of trusted MTA's to verify that messages in fact are
transmitted through trusted MTA's.
-- Per Heldal