North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: RBL-type BGP service for known rogue networks?
[ On Sunday, July 9, 2000 at 20:51:23 (-0400), Shawn McMahon wrote: ] > Subject: Re: RBL-type BGP service for known rogue networks? > > Unfortunately, it allows for contradictions in this discussion. No, it doesn't, at least not so long as everyone understands the differences in different policy requirements. I happen to have several separate and distinct policy requirements for my SMTP server(s): - don't ever accept e-mail from any known open relay or any network block which has known open relays but won't allow finer testing. - don't ever accept e-mail from any known dial-up address. - don't ever accept e-mail from any known spammer. - don't ever allow a remote SMTP server to forge its hostname. - don't ever allow the sender address domain to be invalid. > At least one pro-ORBS person has stated that individuals should make direct > SMTP connections instead of using their provider's server, and they could thus > avoid being subject to ORBS testing of their provider. > > Oh, but sorry; if I do that, I can't send Greg A. Woods email, because his system > doesn't recognize the value in my system having the name "oa.eiv.com" all the > time, instead of me hacking together sed scripts to change my sendmail config > to read something like "user1432.fl.sprint-hsd.net" every time I get a new > dynamic IP. You've confused my policy requirements. Please see above. > If I switch to using my provider's SMTP server, now I have a security issue > because it's going through a server I don't control and which could conceivably > screw up and get itself ORBS-listed at any moment, completely outside my control. Use PGP and encrypt your e-mail if you want security and control. Either that or buy yourself a real Internet connection with a static address and run your own *real* SMTP server. -- Greg A. Woods +1 416 218-0098 VE3TCP <[email protected]> <robohack!woods> Planix, Inc. <[email protected]>; Secrets of the Weird <[email protected]>
|