Paul Vixie wrote:
So-called "broadband" user populations (cable, dsl, fixed wireless, mobile wireless) are full time connected, or nearly so. They are technically unsophisticated, on average. The platforms they run trade convenience for security, and must do so in order to remain competitive/relevant. Margin pressure makes it impossible for most "broadband" service providers to even catalogue known-defect customer systems or process complaints about them.
What is the estimated cost per subscriber of such an operation in your opinion and where should it be to make it feasible? Off-the-shelf automation can accomplish this for pennies per subscriber per month, keeping the catalogs up to date and informing users automatically. After deployment there is a smallish support burst, but after the levels of infection plummet and stay at levels two orders of magnitude lower than prior situation, queues will shorten and customers will be significantly more happy.
MAPS or SORBS or somebody needs to set up a "BBL" (broad band list) which is just a list of "broadband" customer netblocks, with no moral/value judgement expressed or implied. If it's complete and updated frequently, I'd pay for a feed because of all the work it would save me personally and in my dayjob. (Apropos of JCurran's comments above, it wouldn't matter if netblocks on this "BBL" disabled outbound TCP/25, or not, so, they probably just wouldn't, but, they probably aren't going to, no matter whether a "BBL" exists or not.)
The new motto here is: "Blackhole 'em all and let market forces sort 'em out."
I think the late developments have been more geared towards "go fix the world in far and remote places also". :-) I would expect the community who uses similar blackhole criteria as you to be fairly insignificant to the spammers revenue stream. So the stream must be cut at the source, not just fending off the 1% somewhere. Pete