|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Misguided SPAM Filtering techniques
> You should have used the oppurtunity to educate your customer. Email is a > best-effort, no receipt service. It is simply not appropriate to use for > business-critical communication without some kind of confirmation of > receipt. That sounds like a statement from the dawn of the ARPAnet. Email is a best effort service, sure. In an ideal world, people would not use it for business-critical communication. But that train left the station a decade ago; if you design your network around the assumption that email is just going to spontaneously vanish sometimes and that's OK, you'll have lower customer satisfaction ratings than chlamydia does. > The hotel didn't really do the wrong thing. Yes it did. It silently hijacked traffic directed for his email server and directed it to an unrelated server. That is never, ever acceptable behavior for a network. Full stop. If they *insist* on hijacking a better response would be to point all port 25 traffic except relay.cluefreehotel.dom to an internal address with an SMTP server that did nothing but issue a 550 with a Web page link that would show the user how to configure Outlook/ OE/ Thunderbird/ Mail.app to send via the hotel's relay server. That way the user knows something bad is happening. The problem is then the hotel has to deal with annoyed users, whereas with the hotel's silent hijacking solution many users don't know enough to be annoyed until after they've left, and may be annoyed at a third party rather than the hotel. Win for the hotel, lose for everybody else. > Blocking it is not a very good solution either because > people who are not sophisticated will just be unable to send mail. Blocking means people who are not sophisticated will be unable to send email and will *know* that they are unable to send email. Silently hijacking means those people will be unable to send email to much (though not all) of the Internet with no idea which messages are successful and which aren't. > You should blame whoever decided not to accept *any* email from the hotel > just because *some* of the email was spam. That person knew or should have > know that some of that email might be business critical. Hmm, that was > *YOU*. Yep, and my company's customer. Each of us had decided, independently, that a host that appeared on a Spamhaus.org blacklist was not allowed to talk to our mail servers. Both of us operated on the assumption that there was not a host in the middle silently hijacking packets. Those assumptions were wrong in this case, but not IMO unreasonable. On the bright side, the customer has now learned to do what my staff already do, which is use an alternate port with encryption, use VPN as a fallback plan, and failing that go somewhere else for Internet access. -- Dave Pooser, ACSA Manager of Information Services Alford Media http://www.alfordmedia.com
|