On Mon, 2 May 2005, Edward B. Dreger wrote:
DA> Date: Sun, 1 May 2005 21:09:50 -0400 (EDT)
DA> From: Dean Anderson

DA> > http://www.merit.edu/mail/archives/nanog/199-11/msg00263.html
DA> > http://www.merit.edu/mail/archives/nanog/199-11/msg00289.html
DA>
DA> Neither of these links actually work. But it is "Draft Standard". That is

s,199,1999,

You need more than that:

http://www.merit.edu/mail.archives/nanog/1999-11/msg00289.html

I said: "The SMTP AUTH RFC 2554 is standards track, but not standard." I was correct.

What's more interesting is what the other guy said:

Incorrect. It's a customer training issue, and a little development time on your part. If you can't use SMTP AUTH, don't. Use POP-before-SMTP. Whip up a custom finger daemon to accept a username/password pair in the same manner. Create a webpage for your customers to enter a username and password on to authenticate themselves. Use a VPN. Use magic headers or subject lines that your MTA catches and uses as identity verification. Provide a web-based interface for your customer's email. Use UUCP.

Oh sure, it's a customer training issue. Who's going to pay for that? Yeah. Let's just "Whip up a custom finger daemon". What would be the benefit? Back then, it was to reduce spam, but this was a fallacy that I recognized right away. Sure, let's just make everyone use a VPN. Who's going to pay for that? And what's the benefit? Magic headers? UUCP? What kind of drugs were they on?

And what's even more interesting, looking back at 1999, is that open relays were not being abused by commercial bulk emailers, but by anti-spammers. We tested this out in the late 1990s by submitting non-production relays to blacklists and monitoring connections. After scanning, they began getting abuse. I posted this back then, but it was ignored.

Then, in the fall of 2003, when the major open relay blacklists shut down, open relay abuse JUST DROPPED OFF TO NOTHING. And when SORBS started scanning, abuse picked back up again. Well, lamely. In the old days we were usually hit by 200-300 IPs, and sometimes as many as 2400+. The March abuse was only a little more than a dozen IPs. It was the same old abuse pattern: targeted at mainly 2 Korean domains: daum.net and sayclub.com. Probably the same old extortion scam as before. They send a lot of abuse, and then get daum.net and sayclub.com to use their blacklist, eventually contributing money, of course.

But this time it was all "from: webmaster@av8.com". Previously, that was kind of rare (one virus used "from: dean@av8.com", and abused our relays, but this wasn't much). In the old days, most of the open-relay zealots didn't consider domain restricted relay to be open. Though, ironically, I did. This was a minority view, though.

And we caught Matthew Sullivan THREATENING MAILBOMBING---that is, threatening to spam people. As his defense, he said he didn't know that mailbombing was against the AUP(!?!)

And MAPS employees were caught **working for spammers**, and that very SAME spammer was on the FTC anti-spam panel, which was stuffed with MAPS-associated people.

And we caught (several times) blacklists being used for personal vendettas.

There's more. The list is long and dishonorable.

--Dean

--
Av8 Internet Prepared to pay a premium for better service?
www.av8.net faster, more reliable, better service
617 344 9000