On Mon, Dec 06, 2004 at 04:56:49PM +0000, Michael.Dillon@radianz.com wrote:
And if enough people clean up the bots on their network, then a case can be made for depeering (or severely damping) networks that don't clean up their act.
Agreed. But few, if any, will "clean up their act". For instance, consider: http://news.com.com/2102-1034_3-5218178.html which is a news story discussing the enormous number of spam-spewing zombies on Comcast's network and which says (in part): "Based on my conversations last week, Comcast's network engineers would like to be more aggressive. But the marketing department shot down a ban on port 25 because of its circa $58 million price tag--so high partially because some subscribers would have to be told how to reconfigure their mail programs to point at Comcast's servers, and each phone call to the help desk costs $9." Since Comcast has elected not to pay that hypothetical $58 million dollar price tag, see if you can guess who is. Those costs (whatever they are) don't just evaporate into nothingness merely because Comcast isn't picking up the tab. Please note that since then, they've begun doing *some* port-25 blocking: http://news.com.com/2102-1038_3-5230615.html But I can't find any evidence that they're doing anything other than reactively blocking port 25 connections based on some usage threshold. And of course that's purely symptomatic treatment for the problem-of-the-moment: it doesn't cure the disease, doesn't un-zombie the zombies and thus it lets them do anything/everything else they want. ---Rsk