North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Despamming wholesale dialup
Yeah, but the SMTP will fail, then it will POP. The subsequent SMTP will go through. Eudora (<4.1) also did that. Although Eudora 4.1+ now do parallel tasks, so all bets are off on which one will hit and take effect first. :) But this thread has severely degraded beyond the scope of NANOG. I think we should take this one off-list. D At 05:58 PM 10/30/98 -0500, Dean Anderson wrote: >Unless you use Microsoft products. Outlook smtp's, then pops. > > --Dean > >At 02:45 PM 10/30/98 -0800, Derek Balling wrote: >>There are solutions available to this problem, the primary one being the >>"smtp-after-pop" hack that is widely available and fairly widely used. >> >>Essentially, issuing a STAT command opens up an SMTP relay window for >><admin-definable> minutes, whereupon if the user hasn't issued another STAT >>in the mean time [e.g. they logged off] the "hole" goes away. >> >>We were using that at my last job and it works just fine. >> >>At 12:38 PM 10/30/98 -0600, Phil Howard wrote: >>>Bryan Bradsby wrote: >>> >>>> Block port 25 (only) from all "open modem banks" (TM) to my SMTP servers. >>>> If implemented on a large enough scale, the modem user will be >>>> 'encouraged' to use the SMTP server supplied with their account. Make each >>>> dialup customer go through, and be authenticated by their own SMTP >server. >>> >>>I think I see an additional problem creeping in here. >>> >>>The question is whether a dialup user should use the SMTP server of the >>>facility provider, or of the ISP that actually resells the account. You >>>could have virtual ISP resellers with no facilities at all, but lets take >>>a look at a small ISP that does have facilities, and is reselling dialup >>>to a national provider so his local business customers can have roaming >>>access without calling an 800 number. >>> >>>If the small ISP opens their SMTP server to the IP addresses of the big >>>national dialup provider, which they would have to do in order to be able >>>to handle that roaming customer who could be just about anywhere, will >>>they not also be opening themselves up to being a relay for any spammer >>>that uses any reseller of that national provider? Will not such spammers >>>then have access to every ISP doing reselling via that national one? >>> >>>I think the SMTP server that should be used when dialing that national >>>provider is the SMTP server provided by that national provider, unless >>>some kind of VPN is used (to be more technically correct, use the SMTP >>>server of the provider of IP addressing). >>> >>>Roeland's issue still applies when the dialup customer is using his domain >>>name as the FROM/REPLY. But if the national provider SMTP servers accept >>>any domain name in the FROM/REPLY, and just log the reality as it sees it >>>in the header (e.g. dialup port and time which can be cross checked with >>>the access logs), then anyone can use these dialups, and spammers won't >>>get an advantage of being able to spew their filth to other than the SMTP >>>server of the dialup provider. >>> >>>-- >>> -- *-----------------------------* Phil Howard KA9WGN * -- >>> -- | Inturnet, Inc. | Director of Internet Services | -- >>> -- | Business Internet Solutions | eng at intur.net | -- >>> -- *-----------------------------* philh at intur.net * -- >> >> >> >++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ > Plain Aviation, Inc [email protected] > LAN/WAN/UNIX/NT/TCPIP http://www.av8.com >++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
|