Sean Donelan wrote:
On Sun, 15 Feb 2004, Jon R. Kibler wrote:
We block known dialup netblks. Catches < 5% of spam. Why? Because the real culprits are xDSL, CABLE and other systems with broadband connections. These account for about 80% of the spam attempts we observe.
Why don't you block "known" dynamic netblks, including xDSL, Cable, and other broadband connections using dynamic addresses such as WiFi in Starbucks? Most of the existing public DUL's include dynamic IP addresses from all network technologies, not just dialup.
OK, I was sloppy in my wording... I should have said that we block published dynamic netblks, including dial, cable, xDSL, and wireless. That still catches something less than 5% of spam originating from DHCP connections. Also, most ISPs (at least that serve the SE U.S.) AUP prohibit the running of any type of server on a DHCP connection. I know of at least one that regularly drop service to any system found running web, mail, IRC, proxy, ftp, telnet, or any of a dozen other different servers on any DHCP connection.
Blocking port 25 blocks the ability of all MTA's to send any type of mail. "Non-legitimate" is a determination best made by the two parties involved in the communication.
Why should hundreds of thousands of MTAs each have to make the determination that a given system wishing to make a connection is running spamware on a hacked system when that user's ISP could simply block that user and save everyone else the grief? To me, the approach you advocate is something like saying "do away with any centralized law enforcement, force everyone to carry guns, and if anyone suspects that someone else is committing a crime, they are obliged to shoot them." I believe that blocking spam at its source is far easier than blocking it at every possible destination. The less parties involved in blocking the spam, the higher the probability that the spam will be successfully blocked. -- Jon R. Kibler Chief Technical Officer A.S.E.T., Inc. Charleston, SC USA (843) 849-8214 ================================================== Filtered by: TRUSTEM.COM's Email Filtering Service http://www.trustem.com/ No Spam. No Viruses. Just Good Clean Email.