Re: How do you stop outgoing spam?
At 02:11 PM 9/16/2002 -0400, Greg A. Woods wrote:
>> 2. The issue with email is authentication, not privacy. Authentication can be achieved easily over port 25, without encryption.

> Well, no, not securely it can't. You cannot have a secure authenticated service running over a raw TCP circuit across public networks.

1. You are adding to the requirement. No matter how reasonable or advisable, encryption (privacy) is a separate function from authentication. And the rationale for doing port 25 port blocking has to do with accountability, not privacy.

2. Just so there is no confusion, I meant encryption as in privacy (content encryption) rather than as part of an authentication mechanism.

3. SMTPAUTH does not require an alternate port, yet it is sufficient for ensuring accountability. Hence it is sufficient for dealing with the reason that port 25 is blocked, without requiring that it be blocked.

>> Hence, blocking port 25 blocks legitimately validated email, as well as possible spam.

> Well, yes, but obviously that doesn't matter. This is the real world Dave.

Thanks for noticing that. That is why I keep citing the impact on real, mobile users and the implication for such minor opportunities such as wireless hotspots.

d/

----------
Dave Crocker <mailto:dave@tribalwise.com>
TribalWise, Inc. <http://www.tribalwise.com>
tel +1.408.246.8253; fax +1.408.850.1850
On Tue, Sep 17, 2002 at 08:29:39PM -0700, Dave Crocker wrote:
> 3. SMTPAUTH does not require an alternate port, yet it is sufficient for ensuring accountability. Hence it is sufficient for dealing with the reason that port 25 is blocked, without requiring that it be blocked.

I don't understand this reasoning. The ISP's justification for blocking 25 except to its own servers is to avoid having its facilities used for abuse. How would the local ISP enforce use of SMTPAUTH to connect to some remote ISP?

--
Barney Wolff
I'm available by contract or FT: http://www.databus.com/bwresume.pdf
At 01:33 AM 9/18/2002 -0400, Barney Wolff wrote:
>> 3. SMTPAUTH does not require an alternate port, yet it is sufficient for ensuring accountability. Hence it is sufficient for dealing with the reason that port 25 is blocked, without requiring that it be blocked.

> I don't understand this reasoning. The ISP's justification for blocking 25 except to its own servers is to avoid having its facilities used for abuse. How would the local ISP enforce use of SMTPAUTH to connect to some remote ISP?

the claim is that outbound 25 is blocked to prevent spam. however accessing a remote 25 with smtpauth ensures full accountability and, therefore, prevents spam. blocking 25 disables use of this mechanism.

d/

----------
Dave Crocker <mailto:dave@tribalwise.com>
TribalWise, Inc. <http://www.tribalwise.com>
tel +1.408.246.8253; fax +1.408.850.1850
On September 18, 2002 at 00:01 dhc2@dcrocker.net (Dave Crocker) wrote:
> the claim is that outbound 25 is blocked to prevent spam. however accessing a remote 25 with smtpauth ensures full accountability and, therefore, prevents spam. blocking 25 disables use of this mechanism.

Part of the disagreement here is basically one of calibration, how serious and desperate the spam problem is perceived to be.

One attraction of blocking port 25 is that you can now say to any spam complaints about your users demanding an answer WE DON'T ALLOW PORT 25 ACCESS SO IT MUST BE SOMETHING ELSE and get on with your day rather than sitting and staring at the headers like tea-leaves trying to formulate a reasoned reply. Over and over and over and over and over and over and over and over and over and over and over and over (get my point?)

And maybe that quick answer would even be true.

Also, with blackhole lists, many running on automatic and hair-trigger, it lessens the chance that some excess mouth doesn't manage to get your entire ISP blackholed or at least makes it easier to make your case.

Think about it: Some little dork with a pc can manage to get your ISP onto some widely used blackhole list and then your phones and email complaint lines really light up. Nothing like a few hundred extra customer complaints an hour to get your attention.

It sucks, Dave, it doesn't suck just a little bit, it sucks kinda like anthrax in the mail sucks, spam is a wrecking ball which is successfully taking down the internet we once knew.

If you find that hard to believe I invite you to sit here in my offices. I guarantee you your words at the end of the day will be "oh my f***ing god, I just didn't understand how bad it really is."

And it gets worse daily. If something doesn't come along and stop it I predict in 5 years e-mail will only work in "gated" communities (corporate LANs) etc and the net will basically become this passive electronic billboard system.

Blocking port 25 is kinda like the post office requiring packages over 1lb not be put in mailboxes or banning pocket knives on planes, it's become so trivial relative to the actual problem it's hardly worthwhile discussing.

--
        -Barry Shein

Software Tool & Die    | bzs@TheWorld.com       | http://www.TheWorld.com
Purveyors to the Trade | Voice: 617-739-0202    | Login: 617-739-WRLD
The World              | Public Access Internet | Since 1989     *oo*
participants (3)
- Barney Wolff
- Barry Shein
- Dave Crocker