Date: Sun, 26 Sep 1999 00:17:43 -0700 (PDT) From: "Rodney W. Grimes" <freebsd@gndrsh.dnsmgr.net> To: ben@scientia.demon.co.uk (Ben Smithurst) Cc: chat@FreeBSD.ORG Subject: Re: Filtering port 25 (was Re: On hub.freebsd.org refusing to talk to dialups) Message-ID: <199909260717.AAA09184@gndrsh.dnsmgr.net> In-Reply-To: <19990926030048.A2441@lithium.scientia.demon.co.uk> from Ben Smithurst at "Sep 26, 1999 03:00:48 am"
next in thread | previous in thread | raw e-mail | index | archive | help
> Rodney W. Grimes wrote: > > >> I have no objection to web caches, no. I *do* have an objection to > >> having all traffic out of my machine *forced* to go through the ISP's > >> web cache. If I want to use it, I know how to configure my software to > >> use it (and I do use it), I don't need the ISP doing that for me. > > > > They already are, and you don't even know it. It may be at a major > > provider near you soon too. > > I'm pretty sure it won't be at my ISP. > > >> I suppose you configure your web servers to deny all requests from dial > >> up hosts. If not, why not? After all, under your policy all users should > >> be using their ISP's web cache. > > > > You've twisted it a bit far. Nothing in our policy says what another ISP's > > users can do, only what our customers can do. > > So why do you stop other ISP's dialup users from sending mail direct to your > incoming SMTP servers? We don't presently, unless they happen to be on the RBL, I think you have twisted this view around and are looking at several aspects of it backwards. We stop _our_ dialup users, infact we stop all _our_ users, dial or dedicated, from creating direct outbound port 25 connections, unless other arrangements have been made via policy amendments and filter changes. Why, well, it prevents us from ending up on the RBL due to some luser that buys a dial up for the intent of spamming. Now I did mention we intend to add DUL to this suit of anti-spam work, and that would prevent other ISP's dialup users from sending mail directly to our SMTP servers. Now, why would we do that, well, because the other ISP has asked us to do it by submitting his dial up IP block to the DUL. We like doing things that stop spam, especially when another ISP indirectly asked us to do it by submitting his Dial Up ip List to DUL. From my reading of your questions so far to date I can tell you don't have a real understanding of what RBL, DUL and my IP filter rules are really doing. And I can further extract that you probably have never tried to run an ISP's mail server, or had to deal with large amounts of spam. > > > SMTP deserves very special attention due to the fact that the number 1 > > complaint of users of the internet is *SPAM*. SPAM is propogated via > > smtp. Do I need to say more? I can if I do. > > What about NNTP? I think quite a bit of Usenet spam (and rogue cancels, > and other crap on Usenet) are injected through open news servers, > not necessarily those of the abuser's ISP. This would cause problems > if customers wanted to use an external news service like Giganews or > Altopia though, so I guess it's not as simple as "block all NNTP to > remote sites". Especially since we have decided that we are not experts at news and outsourced that to another company who are experts at news. We do monitor inbound NNTP attempts, mostly caused by port or ip space scans, and we monitor all outbound NNTP connections not to the outsourced news provider, but we do not presently block them as UseNet _is_ spam, or atleast 80% of the traffic seems that way now a days. We also don't have users complaining and asking us what _we_ can do about reducing the spam in the usenet news groups. We have never taken any action due to outbound NNTP connections that trip the filter logging, as they are very infrequent. We do have several of the major open nnrp servers listed beyond our supplier due to them being common for people to use. There are several organizations that work on doing usenet cleanup by rapidly sending out cancels to bogus crap that should have never gone to certain groups which is someone effective. The other big difference with NNTP and usenet is that it is opt-in for the consumer. It don't end up on their screen unless they requested the news group, smtp is quite different, it is shoved into their mailbox and the only way to get it out is to delete it. -- Rod Grimes - KD7CAX - (RWG25) rgrimes@gndrsh.dnsmgr.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-chat" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199909260717.AAA09184>