[69532] in North American Network Operators' Group


RE: Lazy network operators

daemon@ATHENA.MIT.EDU (Stephen J. Wilcox)
Wed Apr 14 05:02:43 2004

Date: Wed, 14 Apr 2004 10:01:51 +0100 (BST)
From: "Stephen J. Wilcox" <steve@telecomplete.co.uk>
To: Michel Py <michel@arneill-py.sacramento.ca.us>
Cc: John Curran <jcurran@istaff.org>, <nanog@merit.edu>
In-Reply-To: <DD7FE473A8C3C245ADA2A2FE1709D90B0DB091@server2003.arneill-py.sacramento.ca.us>
Errors-To: owner-nanog-outgoing@merit.edu


On Tue, 13 Apr 2004, Michel Py wrote:

> > John Curran wrote:
> > If we can fix this by changing default behavior to make such machines less
> > useful to hackers, while still allowing anyone who wants to originate to do
> > so at will via configuration, what is the harm?
> 
> Besides architectural purity (which still bears weight) the problem is that
> configuration costs money. I have my own SMTP server at home because I'm not
> happy with my ISP's smarthost.
> 
> That same ISP can't reverse-lookup my static IP to return a PTR that has my
> domain name in it; explain to me how they will build a filter that un-filters
> port 25 for my IP and does not for the next one.

Not being happy with the ISP's smarthost is not justification to run your own;
you should change ISPs. Assuming we implement this locked-down model, it will be
necessary to treat all users as equals without privilege and charge a premium
to allow them to use their own smarthost and to have rDNS. (I'm sure they can
reconfigure your PTR but choose not to for policy reasons - same reasons)

Steve

