North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: How do you stop outgoing spam?

  • From: Brad Knowles
  • Date: Tue Sep 17 14:25:54 2002
  • Reply-by: Wed, 1 Jan 1984 12:34:56 +0100

At 1:51 PM -0400 2002/09/17, Greg A. Woods wrote:

 No, Dave's second sentence is not true, thus his conclusion is bogus.
Dave was talking about "normal" TCP connections, and I was following the same model.

If you're talking about hi-jacking the TCP connection, then you are correct.

 If you're talking about commercially available product, perhaps....

 However this kind of thing is trivial with basic IPsec gateways and
 simple filtering ala IP Filter, etc.
How many ISPs use IPsec gateways and simple filtering with tools like IP filter? How scalable is this sort of thing? Could AOL do it with dozens or hundreds of OC-48 and OC-96 links? How long would it take to fix all the ISPs in the world that might potentially do transparent proxying of port 25? And where is the intelligence to selectively forward only those connections that are themselves encrypted and authenticated?

--
Brad Knowles, <[email protected]>

"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
-Benjamin Franklin, Historical Review of Pennsylvania.

GCS/IT d+(-) s:+(++)>: a C++(+++)$ UMBSHI++++$ P+>++ L+ !E W+++(--) N+ !w---
O- M++ V PS++(+++) PE- Y+(++) PGP>+++ t+(+++) 5++(+++) X++(+++) R+(+++)
tv+(+++) b+(++++) DI+(++++) D+(++) G+(++++) e++>++++ h--- r---(+++)* z(+++)