At 4:42 PM -0800 12/30/97, Adam Rothschild wrote:
NANOG folk:
Over the past few weeks, I have noticed an influx of SPAM(tm) transmitted by UUNet dynamic IP dial-up users (read: MSN, Earthlink, GTE, etc.) and relayed using Earthlink SMTP relays. Am I turning senile prematurely, or has anyone else noticed this influx?
Also, how easy would it be for Earthlink and other nationwide "ISP's" (or more accurately, UU/PSI resellers) to do the following? This would not stop SPAM(tm) dead in its tracks, but I figure it would make it easier to hold spammers accountable at least... unless, of course, they use throw-away accounts, in which case there is not much that can be done...
- institute anti-spam rules on their SMTP relays, i.e. only relay mail reporting to be from earthlink.net and the virtual domains they host
- only allow SMTP relaying from IP's assigned to *their customers* dynamically (cross-reference Radius logs?)
Constructive feedback would be greatly appreciated! Together, we CAN make a difference.
Regards, Adam
We require all of our cutomers' users to authenticate themselves, i.e., their current IP address with us via a POP connection before they're allowed to use our SMTP servers. Once a successful POP login has been completed, that "authorization" is good for 30 minutes. Because we've done this, our service has been 100% free from unauthorized relaying while at the same time keeping our relays totally open for our customers' customers no matter where they've connecting. This was essential for us to implement because we're a mail service provider for Internet service providers, all of our direct customers are ISPs, and we have no control over the networks that those ISPs' users come in from. -- Wayne D. Correia Critical Path Inc. tel: +1-415-543-2800 CTO 320 First Street fax: +1-415-543-2830 San Francisco, CA 94105 pcs: +1-415-826-6000 "we handle the world's email" http://www.criticalpath.net