I wish they'd use it and make it the default. But I do not wish to pay even more for my account because of the increased stupid luser support calls that would generate. Getting plain old dialup or DSL working is beyond most people. And many of them do not want to use something special like "TotalAccess." So....
If someone is so clueless that they can't enter a password to connect to their SMTP server, they will probably have trouble setting up their portable computer to access Earthlink's allegedly open relay through a non-Earthlink Internet access point anyway.
People connecting directly to Earthlink's network (i.e. the _vast_ majority of Earthlink's customers) will not need separate SMTP authentication since, presumably, they had to identify themselves to make their PPP/DSL/etc. connection in the first place. Earthlink has toll-free/local dial-up numbers for mobile users, right?
And for what it is worth the tarpit approach they have is technically superior when faced with the throwaway account or the legitimate account that is hijacked by a spamming virus. (And with the password protection on Microsoft stuff you can bet the virus writers are already quite capable of pirating MS user's ISP passwords.)
No reason they couldn't use both SMTP-AUTH and their tarpit "solution."
As I say they've not thought the problem through properly at DSBL.
Sure they have. There's NO legit reason to have an open relay. End of story. Earthlink's "solution," as you have described it, still allows criminals to hide their identities by using Earthlink servers as an anonymizer. It just reduces the scope of the problem. But again I'm skeptical that they really allow unauthenticated SMTP relays from systems outside their network, potentially exposing themselves to significant legal liability.
AND at Apache they are using it in an ill considered way to simply block email rather than score email. *NEVER* use a BL to utterly dispose of mail
You and I are in complete agreement on this point. But DSBL is one of the best blacklists around. If it's possible that you're mistaken about Earthlink allowing ANYONE to relay a message through their servers, call Earthlink and ask them to follow DSBL's simple de-listing procedure. It is more likely that some clueless Earthlink customer screwed up, misconfigured some DSBL software setup, and accidentally got their own mail relay listed.
