On Wed, 1 Oct 1997, Paul Thornton wrote:
I have to agree with Alex here. If we can persuade ISPs (and customers who have mail servers which can relay) to fix their configurations to deny relaying except for their own hosts/networks then we have made a big step forward.
but it still doesn't solve problem of spamming.
Long term: It doesn't solve it, but it helps it. One of the main problems is traceability. IE you don't know where the spam has come from. If noone third-party relayed, then when my users get spam, I'd know the IP address of the machine it came from originally. This would be good. Another necessary fix is for ISPs to keep record of which user had which IP address at any given time, and to keep contact details for all their users (this is desirable for secuirity and legal reasons too). If you build these two things together with a term in peering agreements that classifies spam abuse in a similar manner to the way most agreements currently classify security problems (i.e. mutual terms for traceability and action), and one hopes that similar terms are already in place in transit agreements, then one should be better able to get spammers removed. Short term: The other more obvious reason why it helps in the short term is that in conjunction with a realtime BGP feed like that on http://maps.vix.com, you (a) ensure that you have no 3rd party relayed spam, and (b) have the addresses of many commercial spammers blackholed. Of course they move IP addresses, but the larger ones soon get their networks blocked as a whole. Then they have to go back to their provider to change IPs. Eventually the provider will become bored of this (vz. Cyberpromo & AGIS). But it *does* reduce the amount of spam. -- Alex Bligh GX Networks (formerly Xara Networks)