Re: question on ptr rr
buy a 1U, put it in a colo center (should cost you about $50/month) and proxy all your outbound mail from there. stop thinking of broadband as anything other than a lastmile protocol between your house and your own piece of the internet core.
This is darn good advice. And to expand on it further, it is time to stop thinking of Simple Mail Transport Protocol (SMTP) as the way for everybody to send email. For some strange reason we have managed to develop two protocols for end users to use in talking to their mail service provider (POP and IMAP) but neither of them allow the end user to send email. One would think that an authenticated session with an email service provider would be the natural protocol to use for injecting end user email into the system.

Imagine a world in which only ISPs run SMTP servers which only talk directly to other servers with which they have an offline relationship. A world in which everybody hands over their email to an ISP for onward delivery in order to get it into the system. A world in which it is virtually impossible to send anonymous or forged email without the cooperation of an ISP.

To get to this world we have to stop trying to fix the SPAM problem. Instead, we have to fix the email architecture problems which have created the environment in which SPAM can thrive. A new architecture might not prevent SPAM but if it makes spamming hard to do and has rate limits that make it very hard to do high volumes of unauthorized email then most people will not care about the small volume of SPAM.

We need to start with an Email Service Consortium with a code of email server practices in which the larger ISPs agree to stop accepting SMTP connections from anyone who is not in the consortium or a customer. This will get everyone implementing a set of well-known and consistent controls. We need to add email sending capability to both POP and IMAP so that eventually we can all block port 25 entirely from broadband/dialup edges. And we need to reinstate the use of SMTP relays in order for smaller ISPs to have access to the core of the email system.

--Michael Dillon
* Michael.Dillon@radianz.com (Michael.Dillon@radianz.com) [Mon 09 Feb 2004, 11:40 CET]:
Imagine a world in which only ISPs run SMTP servers which only talk directly to other servers with which they have an offline relationship. A world in which everybody hands over their email to an ISP for onward delivery in order to get it into the system. A world in which it is virtually impossible to send anonymous or forged email without the cooperation of an ISP.
Yuck. (I'm getting flashbacks to a certain Dr. Strangelove scene right now. And to some from Brazil, too.)
-- Niels.
-- Blessed are the Watchmakers, for they shall inherit the earth.
Michael.Dillon@radianz.com writes:
We need to add email sending capability to both POP and IMAP so that eventually we can all block port 25 entirely from broadband/dialup edges.
What's wrong with port 587 (rfc 2476 sec. 3.1) and requiring SMTP AUTH (rfc 2554), as people have widely deployed today? The problem is education; the technology is already widely available and deployed.
And we need to reinstate the use of SMTP relays in order for smaller ISPs to have access to the core of the email system.
This is obviously some use of the term "need" to which I am heretofore unaccustomed. ---Rob
At 08:40 AM 2/9/2004, Robert E. Seastrom wrote:
Michael.Dillon@radianz.com writes:
We need to add email sending capability to both POP and IMAP so that eventually we can all block port 25 entirely from broadband/dialup edges.
What's wrong with port 587 (rfc 2476 sec. 3.1) and requiring SMTP AUTH (rfc 2554), as people have widely deployed today? The problem is education; the technology is already widely available and deployed.
It'd be really nice if mail client programs had an easy way for users to configure these settings. We have to walk our clients through the advanced settings in Outlook Express, Eudora, and other programs often.
buy a 1U, put it in a colo center (should cost you about $50/month) and proxy all your outbound mail from there. stop thinking of broadband as anything other than a lastmile protocol between your house and your own piece of the internet core.
This is darn good advice.
no, it's sorely broken, as it breaks the e2e internet
On Mon, 09 Feb 2004 10:38:20 GMT, Michael.Dillon@radianz.com said:
Imagine a world in which only ISPs run SMTP servers which only talk directly to other servers with which they have an offline relationship.
70K user. 40M .coms. N*M. Gee thanks. That's too damned many relationships to negotiate. And I think we learned our lesson with 'ADMD= PRMD=', didn't we?
On 09.02.2004 17:59 Valdis.Kletnieks@vt.edu wrote:
On Mon, 09 Feb 2004 10:38:20 GMT, Michael.Dillon@radianz.com said:
Imagine a world in which only ISPs run SMTP servers which only talk directly to other servers with which they have an offline relationship.
70K user. 40M .coms. N*M. Gee thanks. That's too damned many relationships to negotiate. And I think we learned our lesson with 'ADMD= PRMD=', didn't we?
Moreover: which ISP would take responsibility that the email is delivered properly to the destination? Today all ISPs just do best-effort. This model won't work ... Arnold
Imagine a world in which only ISPs run SMTP servers which only talk directly to other servers with which they have an offline relationship.
70K user. 40M .coms. N*M. Gee thanks. That's too damned many relationships to negotiate. And I think we learned our lesson with 'ADMD= PRMD=', didn't we?
it's a real shame that exponential growth can only occur in wormnets, and that there's no such thing as transitive trust amongst humans. otherwise we could build a trusted "smtp web" out of multilateral trust relationships and existing X.509 technology, and it would become possible to know from the SSL whether an smtp initiator has signed a loyalty oath similar to your own, and if they then misbehave it would be possible to find out who let them in and prune the whole branch. six degrees of separation and all that. but i guess i'm still a few years ahead of myself on this one. -- Paul Vixie
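The introducer tree Paul Vixie describes in the message above, as an added sketch that is not part of the original post: it models "who let them in" as a plain sponsor tree rather than with real X.509 certificates. The class, its method names and the hostnames are all assumptions made for illustration.

```python
# Added illustration: introducer tree with branch pruning. Hostnames are constructed.
from collections import defaultdict


class TrustWeb:
    def __init__(self, root):
        self.root = root
        self.sponsor = {root: None}        # member -> who let them in
        self.admitted = defaultdict(set)   # member -> members they let in

    def admit(self, sponsor, member):
        """Record that an existing member vouches for a new one."""
        if sponsor not in self.sponsor:
            raise ValueError(f"{sponsor} is not a member and cannot vouch")
        if member in self.sponsor:
            raise ValueError(f"{member} already has a sponsor")
        self.sponsor[member] = sponsor
        self.admitted[sponsor].add(member)

    def is_trusted(self, member):
        return member in self.sponsor

    def chain(self, member):
        """Path from the root down to member, i.e. who let them in."""
        path = []
        while member is not None:
            path.append(member)
            member = self.sponsor[member]  # KeyError for a non-member
        return path[::-1]

    def prune(self, member):
        """Drop member and everyone admitted through them; return the removed set."""
        if member == self.root:
            raise ValueError("cannot prune the root")
        self.admitted[self.sponsor[member]].discard(member)
        removed, stack = set(), [member]
        while stack:
            node = stack.pop()
            removed.add(node)
            stack.extend(self.admitted.pop(node, ()))
            del self.sponsor[node]
        return removed


def build_sample_web():
    """Constructed sample: a -> b -> c -> d, and a -> e."""
    web = TrustWeb("a.example")
    for sponsor, member in [("a.example", "b.example"), ("b.example", "c.example"),
                            ("c.example", "d.example"), ("a.example", "e.example")]:
        web.admit(sponsor, member)
    return web
```

Pruning the sponsor of a misbehaving sender removes every member admitted through that sponsor, while siblings admitted by other members stay trusted.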
...
Agreed. However, this...
We need to start with an Email Service Consortium with a code of email server practices in which the larger ISPs agree to stop accepting SMTP connections from anyone who is not in the consortium or a customer. This will get everyone implementing a set of well-known and consistent controls.
...is not practical. Remember the true street-level definition of spam: "spam is e-mail you didn't want that wasn't sent by me or my customers." Trying to form an E-S-C under those conditions is unthinkable or useless. -- Paul Vixie
participants (8)
- Arnold Nipper
- Daniel Senie
- Michael.Dillon@radianz.com
- Niels Bakker
- Paul Vixie
- Randy Bush
- Robert E. Seastrom
- Valdis.Kletnieks@vt.edu