North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Remote email access

  • From: John R Levine
  • Date: Tue Feb 04 13:52:35 2003
  • Cleverness: None detected

> Blocking "direct-from-dialup" spam is best done on the receiving end,
> blocking *unauthenticated* SMTP connections made directly from dial-up
> IPs.

If there were a definitive list of dialup and DHCP IP ranges, I might
agree.  But after some years of compiling the MAPS DUL, Pan Am's PDL, the
osirusoft list, and who knows how many others, there isn't, so I don't see
how that's a practical approach.  Blocking outbound SMTP also prevents
relay exploits of unsecured servers that will never be secured, and
there'll never be a definitive list of them, either.

> IMHO, to block ALL outbound port 25 traffic
> on the sending end is throwing the baby out with the bathwater.

It certainly is, but for most ISPs, there's a very small baby in a huge
tub of spam.  Remember that this whole question only occurs for dialup or
DHCP users who are not using their ISP's mail service.  While that
probably includes just about everyone you and I know, overall, it's a
teensy minority of ISP customers.

Regards,
John Levine, [email protected], Primary Perpetrator of "The Internet for Dummies",
Information Superhighwayman wanna-be, http://iecc.com/johnl, Sewer Commissioner
"A book is a sneeze." - E.B. White, on the writing of Charlotte's Web