Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: How do you stop outgoing spam?

  • From: Dave Crocker
  • Date: Wed Sep 18 13:37:46 2002

At 01:09 PM 9/18/2002 -0400, Greg A. Woods wrote:
> I guess the last 20 years of Internet use have been entirely invalid
> then.
Not necessarily -- it's a matter of what level of risk is acceptable in
a given scenario.
Thank you. That was my point.

It therefore is essential to pay attention to fixing only real-world problems that have an operational basis -- or an extraordinarily unacceptable downside -- before imposing significant change on a large installed base of users.


However we've now reached a point where spammers resort daily to theft
of service against remote mail server and to direct attacks against
target remote mail servers.
As bad as that is, it is a long way from stealing connections. Entirely different technical basis.

The current situation is technically trivial. Stealing connections is not. Perhaps that is why the former happens all the time and the latter does not.


You're pointing out that some users don't want to live with that more restrictive framework.
I am pointing out that there is a balancing act to perform, and that 100 million users is more than "some".

And lest you note that all 100 million are not mobile, and that some mobile users are not inconvenienced, I'll respond that whatever the number is, the impact on mobile hotspot users should finish the question about scale of the impact.


I.e. you can do what you want to do if you use the right tools, but you
can't do it over TCP port 25.
If you think a bit harder about your assertion, you will realize that the port number neither creates nor restricts the protection.

All that changing the port number does is to impose guaranteed inconvenience on the entire population of mobile users.


>  Too bad the 100 million current Internet users do not know that.
Indeed it is.  Your kind of F.U.D. doesn't help any either.
Noting the impact on the installed base of Internet users is FUD?


And by the way...

For all the supposed benefit of port blocking -- eg, we don't see as much dial-in spam sourcing -- do we have less spam in the world? Is spam less of a problem?

So the inconvenience to mobile users has not solved or even reduced the global problem.

Mechanisms for controlling globe-scaled misbehaviors need to be surgical in the care with which they are chosen and applied. Outbound port blocking is a blunt instrument and it is swung blindly.

d/


----------
Dave Crocker <mailto:dave@tribalwise.com>
TribalWise, Inc. <http://www.tribalwise.com>
tel +1.408.246.8253; fax +1.408.850.1850





Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.