On Wed, 2004-01-14 at 19:37, Tim B wrote:
> > 
> > It's well known that filtering is *only* useful for keeping one's inbox
> > uncluttered; it does nothing to interdict the flow of crap from
> > upstream. You want to put a serious dent in spam? IDP broadband
> > providers that give their customers direct access to port 25 on remote
> > systems by default. Spam from AOL dropped to almost nothing once they
> > did that. It's not trivial to filter outbound port 25 traffic but if you
> > want to provide large-scale broadband access, it's mandatory to curb
> > abuse. It takes money, expertise, and most importantly, the corporate
> > will to be a good net neighbor and take responsibility for their users'
> > actions. Most broadband providers have all but the latter; an IDP gives
> > them incentive to get it or lose the rest.

This is the Wrong Answer!!!
Speaking as someone who uses such a "Dynamically Assigned" IP, I can
tell you I'd be royally pissed if Adelphia started blocking outbound
port 25 traffic.  Here's why:
I have a laptop running Linux that I use for most of my email
correspondence.  I use sendmail on this machine as my outbound mail
server.  Why?
I use this machine all over the darned place, and got *really* tired of
having to reconfigure my email client every time I go to a different
client site (I often visit 4-5 in a day).
So I set up IMAPs for my incoming mail, and by using 'localhost' as my
outbound mail server, I never have to change my config.
If ISPs started blocking port 25 outbound except to their servers, I
would then be forced to change my config every time I move my system. 
Only a few clicks, but aggravating just the same.

As it is, AOL drives me insane because I can't send mail from my Cable
Modem to AOL addresses because of their stoopid "Email originated from a
dynamically assigned IP address" filter.  So I have to bounce it off
another server when I send to AOHell (which, fortunately, is very rare).

As the admin for a small ISP, I don't block anything outbound because I
respect people's choice to do what they will with the connection they pay
for.  I do carefully review what comes _in_ on a regular basis, as well
as post what's allowed in and what's not on the system's website.  I
do, however, watch for the obvious, like large spikes in smtp traffic,
or lots of outbound port 135 probes, and notify the affected luser of
the problem.  And I get cranky _only_ if they don't do the right thing,
or simply don't respond.

So... rather than just say why that's a bad idea, here's what I think
should be (in fact, I think it's only a matter of time until it *will*
be) the alternative:

ISPs must include in their terms of service a clause that says that if
a user is found to be sending spam/ viruses/ etc., they will be shut
off.  Permanently, and without recourse.  And then, they must follow up
on those threats.  Watch traffic flow carefully (they already should be)
and the instant they see an abuse, shut them down.  Simple.
Pretty soon, word will spread that xyz ISP REALLY enforces their anti
spam clause, and the spammers will no longer have an avenue.

And, regarding zombie machines, here's my revolutionary thought for the
day:  If people were held fiscally responsible for the damage that their
machines did to others, you'd see a large decrease in viruses, spam and
general issues due to neglectful and/ or ignorant computer users.  An
example:

Say Joe Blow has a computer that gets a virus.  The virus does 2 things:
1.  Opens a back door through which evil people (I'll call them spammers
for argument's sake ;^) can take control of their machine, and
2.  Starts probing other machines for the same vulnerability that
allowed it to get infected and infecting them with the same backdoor.

Joe Blow is blissfully ignorant of this for oh, say, 3 months (and as
the admin for a Cable system, I can tell you that happens every damned
day) until he gets a call from the lawyer representing ABC corp.  It
seems that Joe's computer has been being used as a spam host (because
the spammers sent out a little bot that found all the trojaned machines
that had a fat internet connection like Joe's), and that ABC Corp has
been receiving huge volumes of Spam selling everything from "V" pills to
p0rn to diet pills, to everyone in the company.  About 1000 people.  ABC
Corp figured out what was going on after a while and blocked incoming
mail from Joe Blow's dynamically assigned IP Block, but not before
receiving a few hundred thousand spam messages that originated on Joe
Blow's PC.  So, they did a little math, and figured that by the time all
was said and done (administrators' salaries and overtime, employee loss
of productivity reading/ deleting the spam, etc.), they'd spent a few
thousand dollars dealing with the spam that Joe's PC had sent.

And now the lawyer for ABC Corp is demanding that Joe reimburse them for
the expense.  Joe defends himself, and loses in court (Gee, your honor,
I know I should use antivirus software and a personal firewall, but it's
just too darned much work).  Word gets around that Joe got sued and
lost.

Most people think ABC Corp is evil because they sued Joe, who's just
another clueless internet luser, but then they start to think:  I wonder
if _my_ computer is sending spam?  And a whole bunch of people go home
that day, and update their antivirus definitions, and install personal
firewall software on their PCs.  Some of them even call or email their
friends and tell them to do the same.  Over the course of a few thousand
Joes getting their arses sued, people get the message:

Computers are like cars.  If you crash your car into someone else's car
(or house, or business), you're gonna pay for the damage you caused.  If
your computer causes someone else harm, You're gonna pay.  Period.  I'll
take the car analogy a bit further:

In your car, you make sure that things like your brakes work.  'Cause
you don't want to pay for someone else's car.  And you know that if you
have an accident, and the cops look at your car and see it's got no damn
brakes, you're liable for the accident.  Period.
It _should_ work the same for computers... if your computer causes harm
to someone else because you were too damn dumb and/or lazy and/or cheap
to install and update your antivirus definitions (i.e. properly maintain
your PC), then you were negligent in the operation of said computer, and
you're liable for the damage it causes.  End of story.

And that's the way I see it from this perspective.  ISPs shouldn't be
held liable for the (in)actions of their clueless lusers, clueless
lusers should be held responsible for their own (in)actions.  After
all... unless the road actively contributed to the accident, we don't
sue the road crew when we crash our cars...

Sheesh!  Ok, too much thinking for an evening.  Where's my beer?!
Rubin

-- 
Rubin Bennett <[EMAIL PROTECTED]>
RB Technologies
