Vixie writes:
since we're talking about laziness, let's look at two ways in which we (nanog "members" and others like us around the world) have been lazy, for decades, and have therefore helped to create the current miserable "abuse" situation.
Paul, let me add one more to your list: As a community, we have been too lazy to take hold of the architectural source of the problem, which is the complete lack of accountability over the ability to post email. This is not a technical issue (although I can hear echos from the long past x.400 community already), it's simply a service definition issue. As a community, we've designed an end-to-end mail protocol(SMTP) and opened it up to everyone. The reality is that the vast majority of end-user customers connected to the Internet have one or two email servers, and there is no reason to allow client connections to port 25 for posting. If ISP's simply filtered port 25 by default except from specified servers, there wouldn't be a huge base of client systems to tap into for robo-farms for spamming. Of course, this breaks the end-to-end model of the Internet... Too bad. End-to-end makes sense in some contexts, and it doesn't in others. This is the latter case. In reality, lots of folks have plenty of good reasons to want open access to port 25 from their entire prefix. That's also fine, *as long as you accept responsibility for what is sent*. Want both wide open access and complete deniability? That's the option we presently have, and frankly, it doesn't scale. /John