North American Network Operators Group

Re: How to secure the Internet in three easy steps

  • From: Paul Vixie
  • Date: Fri Oct 25 18:36:13 2002

> > not just the bad people.  all the people.  a network with 2 or 3 in place
> > is useless.  there is no way to make 2 or 3 happen.

> As part of their anti-spam efforts, several providers block SMTP port
> 25, and force their subscribers to only use that provider's SMTP
> relay/proxy to send mail.  Why not extend those same restrictions to
> other (all) protocols?

each protocol that becomes as widely abused as smtp has been, will be
blocked, since blocking will save the ISP money.  you also mentioned
proxying of web traffic, which due to banner ads often makes the ISP
money.  this whole thing is really about money.  but "1" isn't getting
done because the money that could be saved is by ISP "B" whereas the
money which must be spent is by ISP "A".  so, the nondeployment of BCP38
is all about money, too.

the thing i'm trying to work my way back to is that "2" and "3" can be
argued to restrict desirable freedoms (like reaching SMTP or WWW servers
without being forced to use a local proxy) whereas "1" has no arguments
against it, or at least no arguers here on nanog today.  why lump them
all three together?

PS. you mentioned AOL, which uses IP framing in order to leverage off of
the IP stack already present in their customers' computers, but other
than that it's a captive application.  what addresses are used doesn't
really matter there in any global sense, nor proxies or nats or whatever.