[57852] in North American Network Operators' Group
Re: Open relays and open proxies
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Fri Apr 25 09:03:52 2003
To: Daniel Concepcion <dani@danielcp.net>
Cc: NANOG <nanog@merit.edu>
In-Reply-To: Your message of "Fri, 25 Apr 2003 14:31:57 +0200."
<200304251431.57476.dani@danielcp.net>
From: Valdis.Kletnieks@vt.edu
Date: Fri, 25 Apr 2003 09:01:40 -0400
Errors-To: owner-nanog-outgoing@merit.edu
--==_Exmh_-732074052P
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: quoted-printable
On Fri, 25 Apr 2003 14:31:57 +0200, Daniel Concepcion <dani@danielcp.net>=
said:
> I think that the end of the spam and open relays will be when the smtp=
=
> servers talk only with servers with trust. =
There's 40 million .com's out there. Which ones do I trust?
> The bgp approach peering and transit will be ported to a new smtp proto=
col.
> Other approach could be the dns system. A central authority that will h=
ave =
> registered the stmp servers. This servers could delegate in other serv=
ers, =
> etc. =
The routing registries have fixed *all* those problems for BGP, haven't t=
hey?
Remember - if an ISP will sell bandwidth to a spammer, they will sell a
registration for their SMTP server. Any "central registry/DNS/whatever"
scheme has to allow for that reality.
Say this over and over until you understand: No anti-spam solution that
involves asking either the spammer or their network provider any variant =
of the
question "Are you a good witch or a bad witch?" can *possibly* work, beca=
use
the spammer and their network provider both have reasons to lie and say "=
Good
Witch". If you're going to ask *anybody*, it has to be a reputable
*disinterested* third party. That's why RBLs are popular (and note the
"disinterested" requirement - many RBLs become unpopular when they start
using their entries to chase political agendas...)
> I don't know if is out there some draft about a new secure and spam fre=
e smtp
=
> protocol. But may be interesting for the big players that loose money =
> (Bandwith, servers, staff, etc) accepting spam for their users.
Part of the problem is shady ISP's who *MAKE* money selling bandwidth/etc=
to
the spammers. =
--==_Exmh_-732074052P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001
iD8DBQE+qTG0cC3lWbTT17ARAuitAJ93DhNNL1NPwMzLCz6SyrwRxdFD5QCdEM48
NhwoymguHiJHboaoT25iftg=
=k9gV
-----END PGP SIGNATURE-----
--==_Exmh_-732074052P--
