[55624] in North American Network Operators' Group
Re: Remote email access
daemon@ATHENA.MIT.EDU (John R Levine)
Tue Feb 4 13:50:49 2003
Date: 4 Feb 2003 13:50:14 -0500
From: "John R Levine" <johnl@iecc.com>
To: "JC Dill" <inet-list@vo.cnchost.com>
Cc: "nanog@merit.edu" <nanog@merit.edu>
In-Reply-To: <3E400687.9050102@vo.cnchost.com>
Errors-To: owner-nanog-outgoing@merit.edu
> Blocking "direct-from-dialup" spam is best done on the receiving end,
> blocking *unauthenticated* SMTP connections made directly from dial-up
> IPs.
If there were a definitive list of dialup and DHCP IP ranges, I might
agree. But after some years of compiling the MAPS DUL, Pan Am's PDL, the
osirusoft list, and who knows how many others, there isn't, so I don't see
how that's a practical approach. Blocking outbound SMTP also prevents
relay exploits of unsecured servers that will never be secured, and
there'll never be a definitive list of them, either.
> IMHO, to block ALL outbound port 25 traffic
> on the sending end is throwing the baby out with the bathwater.
It certainly is, but for most ISPs, there's a very small baby in a huge
tub of spam. Remember that this whole question only occurs for dialup or
DHCP users who are not using their ISP's mail service. While that
probably includes just about everyone you and I know, overall, it's a
teensy minority of ISP customers.
Regards,
John Levine, johnl@iecc.com, Primary Perpetrator of "The Internet for Dummies",
Information Superhighwayman wanna-be, http://iecc.com/johnl, Sewer Commissioner
"A book is a sneeze." - E.B. White, on the writing of Charlotte's Web
