Dave CROCKER wrote:
On 10/30/2011 8:36 PM, Brian Johnson wrote:
So you support filtering end-user outbound SMTP sessions as this is a means to prevent misuse of the Commons*. Correct?
If it is acceptable to have the receiving SMTP server at one end of a connection do filtering -- and it is -- then why wouldn't it be acceptable to have filtering done at the source end of that SMTP connection?
As soon as we step upstream this way, stepping up earlier still is merely a question of efficacy and efficiency.
I've often wondered the same thing as to what the resistance is to outbound filtering is. I can think of a few possibilities: 1) cost of filtering 2) false positives 3) really _not_ wanting to know about abuse Given the cost of incoming filtering, I'd think that outbound filtering would be down in the noise. On the other hand, getting support blowback for false positives seems plausible, but probably no worse than blowback from false positives incoming. So, #3 -- assuming my list is exhaustive which it probably isn't -- seems like a real possibility. Especially when you consider that it opens a can of worms of "now that we know we have a likely bot, what do we with it, and how much will that cost?" Mike