[Andreas: please configure your mailer to do line breaks at ~76 or so as my screen still is not 1500 chars wide and a lot of mailers just extend the scrollbar to the right right right right right... especially when one replies, which makes it kind of annoying, just think line breaks make you look cool!]
On 2010-10-29 13:48, Andreas Fink wrote:
[..] internet provider just transports content but is not auditing or controlling the content and actually is not even allowed to look at what contents go over his wire.
Which is exactly what a certain ISPs SMTP setup is currently doing:
- It man-in-the-middles TCP connections on port 25. - It does/follows the full SMTP conversation. - It parses and scores the SMTP data portion. - It rejects the message if it does not like it.
Clearly that ISP has something wrong. The question is of course also what kind of logging they are doing and how many laws they are breaking...
I have still not received a proper snailmail notifation that my ISP is doing this (and possibly other nefarious) methods to the Internet connectivity that I pay for. Nor have I found a way to get this disabled, legally I don't even know that it exists... heck the only reason we do know it exists is because it broke already some people's email setups.
There is only a, hard to find unless one knows the google search query, page which states in part:
"This filter now also checks e-mail from free e-mail providers such as GMX, Google Mail and Hotmail if the e-mail is sent from a [..] connection."
Only those providers? Strange as it is port 25 the whole article is about, and that is where SMTP goes over, all those "free e-mail providers" (okay GMX maybe not) use HTTP as the primary transmission method. Or can we make the conclusion that port 80 is also being inspected by this "ISP"?
It also breaks semi-broken setups causing more problems for other ISPs: "As a result of the introduction of the new spam filter, e-mail that is sent with SMTP authentication via port 25 can no longer be sent."
So very nice of them.
To come back to the original discussion, obviously ISPs are looking at the content, especially when there is a lawful tap involved. The question is now, how this can be communicated to the customers as it is their right to know what is being done with their traffic for which they are paying.
The further question is, should an association like this have ground rules for their membership in which when one becomes a member that states amongst others:
- That the ISP is not doing content-inspection - That the ISP is not doing content modification (eg there are ISPs who attempted to change Google Ads with their own! Although I have not heard about this yet for Switzerland) - That they have a proper abuse contact and handling system.
Greets, Jeroen