RE: Spam Control Considered Harmful
How about a new RFC outlining a method of dynamically delivering a relay host native to whatever service provider you dial in to ?? That way, any e-mail can be traced to a supposedly responsible end-user by the victimized ISP ?? Naaaaa. Paul.
-----Original Message----- From: woods@most.weird.com [SMTP:woods@most.weird.com] Sent: Wednesday, October 29, 1997 9:47 PM To: John A. Tamplin Cc: nanog@merit.edu Subject: Re: Spam Control Considered Harmful
[ On Wed, October 29, 1997 at 21:53:52 (-0600), John A. Tamplin wrote: ]
Subject: Re: Spam Control Considered Harmful
[....] The difficulty in the latter is finding a way to determine what SMTP servers they are supposed to have access to and then implementing that in a router access list.
There should be no difficulty at all in doing this. If they dial into your network then they use your outgoing mail relay server, and yours alone. Period. (Unless you have some kind of agreement in a roaming system where you authenticate your own users to someone else's dial-up and vice versa, in which case you only allow the user to connect to the the "home" ISP's mail relay host(s).)
-- Greg A. Woods
+1 416 443-1734 VE3TCP <gwoods@acm.org> <robohack!woods> Planix, Inc. <woods@planix.com>; Secrets of the Weird <woods@weird.com>
How about a new RFC outlining a method of dynamically delivering a relay host native to whatever service provider you dial in to ?? That way, any e-mail can be traced to a supposedly responsible end-user by the victimized ISP ??
Naaaaa.
Na. Howabout making sure that *every* dial in user has a fixed IP address. This way you can match *in real time* or later, without logs who did what. OK this only fixes dial-up accounts, but that is a majot part of the problem - and permenantly connected sites already have fixed IP address space. To anticipate the next flame - it is feasible, we do it. Demon that is. Peter -- Peter Galbavy @ Home in Wonderland http://www.wonderland.org/ http://www.whirl-y-gig.org.uk/ http://www.demon.net Be remembered not for your final destination, but for your journey.
On Thu, 30 Oct 1997, Peter Galbavy wrote:
Na. Howabout making sure that *every* dial in user has a fixed IP address. This way you can match *in real time* or later, without logs who did what. OK this only fixes dial-up accounts, but that is a majot part of the problem - and permenantly connected sites already have fixed IP address space.
To anticipate the next flame - it is feasible, we do it. Demon that
Sure...and when I apply to ARIN for more space and show I've assigned a /21 worth of space to static IP dialup users, I'm sure they won't laugh while stamping DENIED on my application :) How does Demon get away with that sort of waste? ------------------------------------------------------------------ Jon Lewis <jlewis@fdt.net> | Unsolicited commercial e-mail will Network Administrator | be proof-read for $199/message. Florida Digital Turnpike | ______http://inorganic5.fdt.net/~jlewis/pgp for PGP public key____
Sure...and when I apply to ARIN for more space and show I've assigned a /21 worth of space to static IP dialup users, I'm sure they won't laugh while stamping DENIED on my application :)
How does Demon get away with that sort of waste?
I is *not* a waste. It is a very good use of IP address space. We have usage density of about 99% of our allocated blocks. Meanwhile the customers love it bcause they can do things that not having an IP address would stop. Their own domain name for a start - "snark.demon.co.uk" for my dial-up. Security based on IP address. We have many many busines users who use the fact that they know what IP address a dial-up user will have to authenticate access to their corporate networks. We made a business case, and it is the correct one. We very rarely have much more address space than required, and whether or not the customers know what an IP address is, they come to us (as the largest provider in the UK) because of the feature set and quality of the service. They want an infinite number of mailboxes, they like to be able to reconnect a dialup that drops half way through a telnet of ftp session and continue from where they left off, they like the "instant" intranet they get. Adn so on. I reiterate. It is not a waste. What is a waste is people like Interop having an entire class A, like PSInet having a class A, like MIT ... fill in the blanks. They just got their first, but I cannot see anyone rushing to return them. Please do not judge other people's products and services because you believe that it shouldn't work. Peter -- Peter Galbavy @ Home in Wonderland http://www.wonderland.org/ http://www.whirl-y-gig.org.uk/ http://www.demon.net Be remembered not for your final destination, but for your journey.
On Fri, 31 Oct 1997, Peter Galbavy wrote:
I is *not* a waste. It is a very good use of IP address space. We have usage density of about 99% of our allocated blocks. Meanwhile the customers love it bcause they can do things that not having an IP address would stop. Their own domain name for a start - "snark.demon.co.uk" for my dial-up. Security based on IP address. We have many many busines users who use the fact that they know what IP address a dial-up user will have to authenticate access to their corporate networks.
We originally used static addresses for dialup customers. We requested more address space, and as part of the justification procedure I was told by Kim Hubbard that we had to use dynamic address assignments for anyone that was not connected 24/7. I used the same arguments, including that you can't get any more efficient that assigning a single /32 to a single host, but was told that in the days of address scarcity we couldn't afford such a use of address space. We changed everything to dynamic, and after now having 12x the number of customers, we are still using less space than we were. Until IPv6 is widely used and address space is not so critical, we have to conserve address space and using it wisely. Perhaps in the UK there are different requirements for allocation of address space than InterNIC/ARIN. John Tamplin Traveller Information Services jat@Traveller.COM 2104 West Ferry Way 205/883-4233x7007 Huntsville, AL 35801
Perhaps in the UK there are different requirements for allocation of address space than InterNIC/ARIN.
In the UK, as in the rest of Europe, IP addresses are allocated from the same finite pool of IPv4 space you use. That's one of the reasons that InterNIC/ARIN and its counterpart regional registry in Europe, the RIPE NCC, as well as APNIC, have maintained contact and cooperation over a long period; working to identical goals, they haves developed broadly similar policies on address allocation. It is encouraging to see that policy reflected in sensible practices such as yours, and to see that it has payoffs in terms of the economies of address usage, with growing numbers of customers, that can be achieved. Regards. Mike Norris
How does Demon get away with that sort of waste?
I is *not* a waste. It is a very good use of IP address space. We have usage density of about 99% of our allocated blocks. Meanwhile the customers love it bcause they can do things that not having an well you must see the diffrence between what makes sense (from a technical point of view) and what is possible. Yes we have a huge number of private dial-up-customers who want a static ip. Some ISPs want this as well to have an easier way of accounting ... well I think A LOT of users dont really need a static ip. Have IP Addresses is no status symbole. The really problem is, that some isps from their history have large assignment windows and have a lot of class B networks. Charge your customer for a static ip. The diffrence can be very litte -> you will see a LOT of people dont really need this, and anyone really having the need of a static ip will pay you 10-20% more.
"snark.demon.co.uk" for my dial-up. Security based on IP address. security can be archieved in other ways, not quite as comfortable as with a static ip address, but this is not a good argument
We have many many busines users who use the fact that they know what IP address a dial-up user will have to authenticate access to their corporate networks.
right, but not for 19$ flat surfin accounts :-)
of the service. They want an infinite number of mailboxes, they like to be able to reconnect a dialup that drops half way through a telnet of ftp session and continue from where they left off, they like the "instant" intranet they get. Adn so on.
right - i cant tell anything about you and your service because we never touched us :-) but i have heard of cases in germany that a customer joined that isp who gave him that address space without asking why. This means those ISPs with a low AW or who take care of the Rules what to assign will loose probably a customer to another ips which doesnt take care of the rules. This cant be right! This is a general problem
I reiterate. It is not a waste. What is a waste is people like Interop having an entire class A, like PSInet having a class A, like MIT ... fill in the blanks. They just got their first, but I cannot see anyone rushing to return them.
i have read that an assignment is only valid if the conditions of the assignment didnt change. In times of RFC1597 addresses it is really hard to believe why one company has a block of 32 (!) Class B Networks, which are not - and will be never - connected to the internet because they are used in their intranet. I dont have too much time to grab in the ripe database but with a typo i found that dtag has 164.16.0.0 - 164.34.0.0 Today they WONT get this block again, so it would be fair to check, if such an assigment is still ok. I think there are a LOT of assigments which are not valid. After the fall of the german border a lot of small univercities got a class B Block, especially from 141.X.X.X Some of this networks are used with 1000-2000 Hosts. Is it right to waste such a lot of space.... I think i would be time to make some checks :-) but we are going to see the light with ipv6 so perhaps no one has an interest to gain back address space.. I dont want to point my finger to anyone, but it cant be right that new isps have to send all assigments for approval to ripe while other isps get a /16 at startup due to good connections or assign huge space due to their high AW from the past. Those ips who have large blocks or AW have an advantage which is realy $$$$ worth. THIS is the really problem not that small number of address space which is still available. I know it is hard to find a "good" way since all registries must trust the ISPS in a certain way. They cant check everything, but with a few shell scripts it would be possible to find out who has huge address space (in the Class B range) which is not used/announced. And if ripe/internet etc would ask those, who have a class B network for their actual network plan to justify the assignment, i think a lot of address space would be given back. A small company gave up and some people said, the most worth of this company is their class B Network... :-( I'm still waiting for they day, that not only domains but class B networks will be offered for $$ :-) i this about one year ago we had this discussion in this list. (Someone offered a class B net for $$) just my 0,02 Winfried Winfried Haug | SEICOM.DE & SCHWABEN.DE | Tel. 07121 9770- 0 Laiblinsplatz 12 | Internet+ISDN access & consulting | Fax. 07121 9770-19 72793 Pfullingen | Access in STGT + RT + TUE + BB + LB | Rack 07127 989-X haug@schwaben.net| 150*ISDN (64kb/X.75) / 100 * K56flex | Rack 0711 9675-X haug@seicom.net |SAP-OSS * FTP * TELNET * NETNEWS * IRC | Rack 07121 709-X * 4 MBit DE-CIX * 2 MBit WIN * 2 MBit BelWue * 2 MBit INXS * 2 MBit UU.NET *
How about a new RFC outlining a method of dynamically delivering a relay host native to whatever service provider you dial in to ?? That way, any e-mail can be traced to a supposedly responsible end-user by the victimized ISP ??
Better: The user to specifies "smtp" or "mail" as their mail server and picks up the apropriate search domain from the local ISP. Works for NNTP too! -Phil
participants (7)
-
John A. Tamplin
-
Jon Lewis
-
Mike Norris
-
Paul Peterson
-
Peter Galbavy
-
Phillip Vandry
-
Winfried Haug