[95975] in North American Network Operators' Group
Re: Abuse procedures... Reality Checks
daemon@ATHENA.MIT.EDU (Kradorex Xeron)
Thu Apr 12 14:06:40 2007
From: Kradorex Xeron <admin@digibase.ca>
Reply-To: admin@digibase.ca
To: NANOG list <nanog@nanog.org>
Date: Thu, 12 Apr 2007 13:55:00 -0400
In-Reply-To: <20070412111454.ytwwaja8wkg44oo8@webmail.tvtel.pt>
Errors-To: owner-nanog@merit.edu
On Thursday 12 April 2007 06:14, Fernando Andr=E9 wrote:
> Citando Frank Bulk <frnkblk@iname.com>:
> " but imagine how much work it
>
> > would save their abuse department in the long run"
>
> I think that Comcast trouble isn't has much has the company's affected I
> keep the idea that the best is to rate limit incoming connections and a l=
ot
> of filtering to prevent the spam flood and keep hardware costs Low.
>
> Placing the filtering on the user will make the user cry a lot against
> the ISP,
> change ISP and keep the problem. They really don't care about their
> computer.
>
Agreed - 90-98% of end users could care less about their computer security,=
no=20
matter who makes them look at the problem, they just "want to chat with aun=
t=20
{lilly|mary|other} in God knows where" or to "close that business deal in N=
ew=20
York", They don't want to bother with ports, IP, firewalls, etc, and I don'=
t=20
think that will change easily.
And as said previously, the person will ignore their ISP and cancel and mov=
e=20
to another SP if the ISP hassles them with blocking their email, stopping=20
certain apps, etc.
This isn't only a spam problem. it's also a problem with personal machines=
=20
getting botnetted, virus'd, trojan'd over and over and over again.
Why? There's simply no end-user accountability.
> By using rate limit on incoming connections a lot of dynamic address's are
> blocked.
>
> "Additionally, upper management gives or takes away manpower many times
> without
> the understanding of what 'should' be done to be a good netizen and this
> defines how much effort can be spent on fixing the problems. "
>
> This is the biggest problem "upper management" really doesn't care and
> the time
> to use on this problems is not accounted.
>
Agreed again - Upper management business-types that are not involved in the=
=20
actual operations of their businesses are most of the time not clueful enou=
gh=20
to realize the problems, no matter how many times people explain it to them=
,=20
they simply only see if it's making them money.
> So controlling the number of messages that leave your SMTP server is a
> solution
> and PBL from spamhaus is a good thing ! SPF also good but will lead to
> complains
> ( tuff )
>
> Blocking tcp destination port 25 to outside the network might work well
> on small
> and without concurrent ISP, on big ones I doubt it.
>
> ------------------------------------------------------------
> Fernando Ribeiro
> ------------------------------------------------------------
>
> ----------------------------------------------------------------
> http://www.tvtel.pt - Tvtel Comunica=E7=F5es S.A.
