North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Despamming wholesale dialup
There are solutions available to this problem, the primary one being the "smtp-after-pop" hack that is widely available and fairly widely used. Essentially, issuing a STAT command opens up an SMTP relay window for <admin-definable> minutes, whereupon if the user hasn't issued another STAT in the mean time [e.g. they logged off] the "hole" goes away. We were using that at my last job and it works just fine. At 12:38 PM 10/30/98 -0600, Phil Howard wrote: >Bryan Bradsby wrote: > >> Block port 25 (only) from all "open modem banks" (TM) to my SMTP servers. >> If implemented on a large enough scale, the modem user will be >> 'encouraged' to use the SMTP server supplied with their account. Make each >> dialup customer go through, and be authenticated by their own SMTP server. > >I think I see an additional problem creeping in here. > >The question is whether a dialup user should use the SMTP server of the >facility provider, or of the ISP that actually resells the account. You >could have virtual ISP resellers with no facilities at all, but lets take >a look at a small ISP that does have facilities, and is reselling dialup >to a national provider so his local business customers can have roaming >access without calling an 800 number. > >If the small ISP opens their SMTP server to the IP addresses of the big >national dialup provider, which they would have to do in order to be able >to handle that roaming customer who could be just about anywhere, will >they not also be opening themselves up to being a relay for any spammer >that uses any reseller of that national provider? Will not such spammers >then have access to every ISP doing reselling via that national one? > >I think the SMTP server that should be used when dialing that national >provider is the SMTP server provided by that national provider, unless >some kind of VPN is used (to be more technically correct, use the SMTP >server of the provider of IP addressing). > >Roeland's issue still applies when the dialup customer is using his domain >name as the FROM/REPLY. But if the national provider SMTP servers accept >any domain name in the FROM/REPLY, and just log the reality as it sees it >in the header (e.g. dialup port and time which can be cross checked with >the access logs), then anyone can use these dialups, and spammers won't >get an advantage of being able to spew their filth to other than the SMTP >server of the dialup provider. > >-- > -- *-----------------------------* Phil Howard KA9WGN * -- > -- | Inturnet, Inc. | Director of Internet Services | -- > -- | Business Internet Solutions | eng at intur.net | -- > -- *-----------------------------* philh at intur.net * --
|