North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Misguided SPAM Filtering techniques

  • From: Owen DeLong
  • Date: Tue Oct 23 13:30:29 2007



On Oct 23, 2007, at 1:28 AM, Adrian Chadd wrote:


On Tue, Oct 23, 2007, Dave Pooser wrote:


It seems to me that blocking port 25 by default and unblocking on request
would be an ideal low-maintenance solution that would reduce spam
considerably, and has the added benefit of being on-topic for NANOG.

For those of you who run Cisco kit; you can also use WCCPv2 to redirect 25/TCP -in hardware path without policy routing- to a farm of servers. Its actually documented in the WCCPv2 specification - you can redirect arbitrary TCP/UDP ports. Think of the possibilities. (I don't think the CRS does WCCP :P but it'll be in hardware path on 6500/7600 on anything >= SUP2/PFC2; 3560/3750/4500/4948; It'll also be in CEF path IIRC on software platforms.)

This behavior is exactly the kind of irritating misguided action which launched
my initial complaint.


The problem is that your server farm won't match my expectations for STARTTLS,
which then prevents me from engaging SMTPAUTH and sending my mail.


My mail severs aren't open relays, but, I am able to send email through them from
any non-broken internet connection.


The issue is the increasingly high percentage of internet connections which are
becoming broken. So far, the only "justification" for this behavior posted is the
inability of the folks in Redmond to deliver non-broken software such that a large
enough fraction of portable machines are able to "credential hijack" from stored
credentials on the machine and impersonate the operator while botted.


I really wish we could find a way to punish the folks in Redmond and the people
whose hosts are botted instead of punishing everyone else for their errors.


Owen