[52178] in North American Network Operators' Group
Re: How do you stop outgoing spam?
daemon@ATHENA.MIT.EDU (Scott Francis)
Wed Sep 18 15:34:32 2002
Date: Wed, 18 Sep 2002 12:31:35 -0700
From: Scott Francis <darkuncle@darkuncle.net>
To: Brad Knowles <brad.knowles@skynet.be>
Cc: nanog@merit.edu
Mail-Followup-To: Scott Francis <darkuncle@darkuncle.net>,
Brad Knowles <brad.knowles@skynet.be>, nanog@merit.edu
In-Reply-To: <a05200508b9ad25d2e8bb@[10.0.1.25]>
Errors-To: owner-nanog-outgoing@merit.edu
--lIdIj/ncdD+VcXt4
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Tue, Sep 17, 2002 at 08:35:03PM +0200, brad.knowles@skynet.be said:
[snip]
> > Much more complex to implement and manage; doesn't scale well. The fewer
> > decisions the anti-spam system has to make, the better it will work. If=
it
> > only has to decide whether or not a specific IP/port combination has=20
> > exceeded
> > a certain threshold, it will run much more smoothly than if it's examin=
ing
> > the contents of each packet.
>=20
> Indeed, that will be a lot more scalable. But if you still have=20
> to look into each packet to see which ones are link encrypted (and=20
> therefore should be left alone) and which ones aren't (and therefore=20
> should be transparent proxied and/or traffic-shaped), that is quite a=20
> bit more work.
>=20
> The question is how much abuse is too much? Is it okay to allow=20
> all open port 25 connections (traffic-shaped to low average=20
> bit-rates), or is any abuse too much?
Even the best solution will only approach 100% effectiveness as a limit. As
in many things, it's a tradeoff - how much hassle are you willing to undergo
for a steadily-diminishing return, 80/20 rule, etc. Personally, I'd be happy
for 80% of the operators out there to implement the easiest 80% of things
required to stop spam. If people would just take even the most basic of ste=
ps
required to block spam, the picture would improve drastically for all of us.
--=20
-=3D Scott Francis || darkuncle (at) darkuncle (dot) net =3D-
GPG key CB33CCA7 has been revoked; I am now 5537F527
illum oportet crescere me autem minui
--lIdIj/ncdD+VcXt4
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (FreeBSD)
iD8DBQE9iNSXWaB7jFU39ScRArKrAKCoCYS43P9W2qukMvp/YSZZ6FnJtwCcDeJV
AT6tiWBoM1L8TKl0YrpZZgM=
=Fqoq
-----END PGP SIGNATURE-----
--lIdIj/ncdD+VcXt4--
