On Fri, 13 Feb 2004, Dan Ellis wrote:
The issue we have as a dynamic IP broadband provider is that it's a royal pain to shutdown a user - especially in regards to just mail. Lets say we have a spammer and a script detects it. We then have to track him back to the MAC address of the modem, lookup that MAC in the customer DB, shutdown his access and then reset the modem. And at the end, he loses all access, not just mail. With AUTH we can just stop mail access. Yeah, sure we could try to push some access list to the modem itself, blocking mail, but those modems are so flaky to start, it'll never work reliably. Can't just block the IP on the mail server because the user will or could just get a new IP, and then you are blocking a legit user.
Yes, that is a little bit stickier of an issue, IFF your goal is to somehow continue to provide the would-be spammer with the ability to send traffic to the net, provided it doesn't transit your mail server. I feel that you're overlooking the simple solution. Blocking the entire account so they can't access anything is the proper response to a spamming incident.
I'm still not sure if the norm is for providers to let t1+ customers relay. I have multiple OC3's and 12's from AT&T, MCI,... Will they let me relay off their servers without SMTPAUTH? Probably not.
I'm almost positive they would. Hell, many providers will give you a free NNTP feed if you want it. The goal is to maximize the use of the link between you and the customer while minimizing the use of the links between you and other networks. Services like SMTP and NNTP are great for that. Andy --- Andy Dills Xecunet, Inc. www.xecu.net 301-682-9972 ---