North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Spam Control Considered Harmful

  • From: Greg A. Woods
  • Date: Thu Oct 30 00:33:28 1997

[ On Wed, October 29, 1997 at 18:14:38 (-0600), John A. Tamplin wrote: ]
> Subject: Re: Spam Control Considered Harmful
> On Wed, 29 Oct 1997, Dalvenjah FoxFire wrote:
> > Is there a good reason why the throwway folks (those mentioned above)
> > haven't blocked port 25 from their dialups to the outside internet?
> We are an ISP and we don't block our dialups from going to port 25 elsewhere
> because this would eliminate their ability to rightfully use another mail
> server.

That's all fine and dandy just so long as you trust your customers and
you are certain they will adhere to your AUP.

However if you offer cheap dial-up accounts that can be opened either
immediately, perhaps with a credit card number, then you've got no real
way to establish *any* level of trust with your new customers and indeed
the only way you can enforce your AUP is by technical means.  I.e. if
your AUP says no spamming then you *must* implement controls that
prevent new customers from spamming.  Period.  Otherwise Joe Spammer
just buys a one-time (throw-away) account from you and violates your AUP
under false pretenses.  I've even heard first-hand rumours that many
spammers offer fraudulent credit card numbers and personal
identification so you can't even try to bill them extra for breaking
their contract.

> This frequently occurs when a user accesses a mail server at work
> from their home dialup account.  If other ISPs did this, we would have a
> problem where a user dialing into their ISP couldn't reach their virtual
> mail server, hosted on our network.  We currently don't have many going
> the other way, but that may change.

There's no excuse for this.  The user should (and must in the proposed
plan) use the mail relay operated by the ISP they dial into for *all*
outgoing mail.

Only under a full roaming system where authentication information
originates from the "home" ISP can you allow the user to connect to any
other mail relay server, and in fact in this case you probably want to
restrict them to only thie rhome ISP's mail relay server and not allow
them to use your own local mail relay server.

> In our case, this doesn't help since we and all the other local ISPs block
> relay access, so you have to use the mail server of the ISP you are
> currently connected to.

Exactly, so what's the problem?

							Greg A. Woods

+1 416 443-1734      VE3TCP      <[email protected]>      <robohack!woods>
Planix, Inc. <[email protected]>; Secrets of the Weird <[email protected]>