More on spamming..
Morten Reistad mrr at norway.eu.net
Wed Oct 1 14:01:11 CEST 1997
In message <199710011109.MAA02064 at diamond.xara.net>, Alex Bligh writes: > > On Wed, 1 Oct 1997, Paul Thornton wrote: > > > > > I have to agree with Alex here. If we can persuade ISPs (and customers who > > > have mail servers which can relay) to fix their configurations to deny > > > relaying except for their own hosts/networks then we have made a big step > > > forward. > > > > but it still doesn't solve problem of spamming. > > Long term: > > It doesn't solve it, but it helps it. One of the main problems is > traceability. IE you don't know where the spam has come from. If > noone third-party relayed, then when my users get spam, I'd know the > IP address of the machine it came from originally. This would be > good. Another necessary fix is for ISPs to keep record of which > user had which IP address at any given time, and to keep contact > details for all their users (this is desirable for secuirity and > legal reasons too). This is elementary; know who your customers are and what they are doing with your infrastructre. > If you build these two things together with > a term in peering agreements that classifies spam abuse in a similar > manner to the way most agreements currently classify security > problems (i.e. mutual terms for traceability and action), and > one hopes that similar terms are already in place in transit > agreements, then one should be better able to get spammers > removed. Almost all peering on the Internet today is 'soft'; in that it is 'just packets' that is moved. If we are to get tough on enforcing this we'll need lawyer-based peering aggreements. Remember the Internet of 1993 ? How fearful we all were about getting such 'firm' peering aggreements, because it would force us into a PTT-stand on almost all the models of pricing, transit etc. that the Internet Community loathed (does it still?). Are we ready for the 'firm' peering aggreement ? > > Short term: > > The other more obvious reason why it helps in the short term > is that in conjunction with a realtime BGP feed like that > on http://maps.vix.com, you (a) ensure that you have no 3rd > party relayed spam, and (b) have the addresses of many commercial > spammers blackholed. Of course they move IP addresses, but the > larger ones soon get their networks blocked as a whole. Then > they have to go back to their provider to change IPs. Eventually > the provider will become bored of this (vz. Cyberpromo & AGIS). > But it *does* reduce the amount of spam. The other way is to keep up the self-justice. Drop the peering with the bozo generating the spam. > > > > -- > Alex Bligh > GX Networks (formerly Xara Networks) > > -- ___ === / / / __ ___ _/_ === Morten Reistad, Network Manager === /--- / / / / /__/ / === EUnet Norway AS, Sandakerveien 64, Oslo === /___ /__/ / / /__ / === <Morten.Reistad at Norway.EU.net> === Connecting Europe since 1982 === phone +47 2209 2940
[ lir-wg Archives ]