On Fri, 21 Aug 1998, Dalvenjah FoxFire wrote:
One extremely simple fix that the UUnet folks appear not to have stumbled upon is to firewall outgoing connections on port 25 to any hosts other than a specific list of earthlink, MSN, &etc mail hosts. This would only require reconfiguration on the part of the particularly obstinate customers who didn't follow the directions properly in the first place, and would for the most part kill off the relay hijacking that goes on from those networks.
ISPs sell customers a TCP/IP connection to the Internet. To me that means taking my IP datagrams and delivering them to where I address them. I don't see that filtering of outbound traffic is part of such a product, any more than hijacking my connects to port 80 somewhere and plumbing me into a "transparent" web cache is. Why shouldn't dialup users run MTAs that do "proper" delivery? On the other hand, I would fully support anyone's right to filter connections from my dialin user pool addresses if they felt that they needed to do that. I would, in my personal opinion, be happy to provide such a person with my IP pool address ranges, or info on the domain names we use for that (which are easy to deduce, anyway?). (Of course, I'd rather persuade this person than my organization deals responsibly with spammers - but no doubt I'd be unable to persuade some) If enough people refused to take mail from my pool addresses then I guess my customers will be duly "encouraged" to use the provided relays. (Most do anyway, of course) If only a few refuse to take the mail then most deliveries still work fine directly; and those few feel happy that they are "protected". Doesn't this arrangement make sense? Regards, Steve Davies Operations, UUNET UK (Who is in the UUNET group but does not influence policy for UUNET US)