In message <199710011109.MAA02064@diamond.xara.net>, Alex Bligh writes:
On Wed, 1 Oct 1997, Paul Thornton wrote:
I have to agree with Alex here. If we can persuade ISPs (and customers who have mail servers which can relay) to fix their configurations to deny relaying except for their own hosts/networks then we have made a big step forward.
but it still doesn't solve problem of spamming.
Long term:
It doesn't solve it, but it helps it. One of the main problems is traceability. IE you don't know where the spam has come from. If noone third-party relayed, then when my users get spam, I'd know the IP address of the machine it came from originally. This would be good. Another necessary fix is for ISPs to keep record of which user had which IP address at any given time, and to keep contact details for all their users (this is desirable for secuirity and legal reasons too).
This is elementary; know who your customers are and what they are doing with your infrastructre.
If you build these two things together with a term in peering agreements that classifies spam abuse in a similar manner to the way most agreements currently classify security problems (i.e. mutual terms for traceability and action), and one hopes that similar terms are already in place in transit agreements, then one should be better able to get spammers removed.
Almost all peering on the Internet today is 'soft'; in that it is 'just packets' that is moved. If we are to get tough on enforcing this we'll need lawyer-based peering aggreements. Remember the Internet of 1993 ? How fearful we all were about getting such 'firm' peering aggreements, because it would force us into a PTT-stand on almost all the models of pricing, transit etc. that the Internet Community loathed (does it still?). Are we ready for the 'firm' peering aggreement ?
Short term:
The other more obvious reason why it helps in the short term is that in conjunction with a realtime BGP feed like that on http://maps.vix.com, you (a) ensure that you have no 3rd party relayed spam, and (b) have the addresses of many commercial spammers blackholed. Of course they move IP addresses, but the larger ones soon get their networks blocked as a whole. Then they have to go back to their provider to change IPs. Eventually the provider will become bored of this (vz. Cyberpromo & AGIS). But it *does* reduce the amount of spam.
The other way is to keep up the self-justice. Drop the peering with the bozo generating the spam.
-- Alex Bligh GX Networks (formerly Xara Networks)
-- ___ === / / / __ ___ _/_ === Morten Reistad, Network Manager === /--- / / / / /__/ / === EUnet Norway AS, Sandakerveien 64, Oslo === /___ /__/ / / /__ / === <Morten.Reistad@Norway.EU.net> === Connecting Europe since 1982 === phone +47 2209 2940