North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Misguided SPAM Filtering techniques

  • From: Dave Pooser
  • Date: Wed Oct 24 00:09:46 2007

> You should have used the oppurtunity to educate your customer. Email is a
> best-effort, no receipt service. It is simply not appropriate to use for
> business-critical communication without some kind of confirmation of
> receipt.

That sounds like a statement from the dawn of the ARPAnet. Email is a best
effort service, sure. In an ideal world, people would not use it for
business-critical communication. But that train left the station a decade
ago; if you design your network around the assumption that email is just
going to spontaneously vanish sometimes and that's OK, you'll have lower
customer satisfaction ratings than chlamydia does.

> The hotel didn't really do the wrong thing.

Yes it did. It silently hijacked traffic directed for his email server and
directed it to an unrelated server. That is never, ever acceptable behavior
for a network. Full stop. If they *insist* on hijacking a better response
would be to point all port 25 traffic except relay.cluefreehotel.dom to an
internal address with an SMTP server that did nothing but issue a 550 with a
Web page link that would show the user how to configure Outlook/ OE/
Thunderbird/ to send via the hotel's relay server.  That way the
user knows something bad is happening. The problem is then the hotel has to
deal with annoyed users, whereas with the hotel's silent hijacking solution
many users don't know enough to be annoyed until after they've left, and may
be annoyed at a third party rather than the hotel. Win for the hotel, lose
for everybody else.

> Blocking it is not a very good solution either because
> people who are not sophisticated will just be unable to send mail.

Blocking means people who are not sophisticated will be unable to send email
and will *know* that they are unable to send email. Silently hijacking means
those people will be unable to send email to much (though not all) of the
Internet with no idea which messages are successful and which aren't.

> You should blame whoever decided not to accept *any* email from the hotel
> just because *some* of the email was spam. That person knew or should have
> know that some of that email might be business critical. Hmm, that was
> *YOU*.

Yep, and my company's customer. Each of us had decided, independently, that
a host that appeared on a blacklist was not allowed to talk to
our mail servers. Both of us operated on the assumption that there was not a
host in the middle silently hijacking packets. Those assumptions were wrong
in this case, but not IMO unreasonable. On the bright side, the customer has
now learned to do what my staff already do, which is use an alternate port
with encryption, use VPN as a fallback plan, and failing that go somewhere
else for Internet access.
Dave Pooser, ACSA
Manager of Information Services
Alford Media