isn't the most spam comming via compromized Computers ? adsl Dynamic or dialup user you should never trust them if the say the dont spam. they have to send mail the way smtp is thought for, that means send email to the smtp relay next to you. prevent him to send email via any other relay. if this would be consequent done by all ISP most of the spam would dissapear, and we could concentrate to prevent abusing other system for doing their harmfull work.
Funny thing is one ISP is switching off his SMTP relay telling the client to use other smtp relay in the wild and call that a first action according to the "stop spam" campaign. another one is blocking port25 und force the user to use the ISP?s SMTP Relay and even explain this is done due to the "stop spam" campaign
how to believe anything ?
confused .... but still voting to block mail from dialup and adsl ranges ;-)
---------- Original Message ---------------------------------- From: "Scott Weeks" surfer@mauigateway.com Reply-To: swinog@swinog.ch, surfer@mauigateway.com Date: Thu, 12 Apr 2007 11:19:56 -0700
Hello,
: So if a customer proofs that he is able from a technical : Point of view to operate an mail server in a secure manner : and assures not to abuse email for spam then it's not : acceptable that an ISP block anything to him.
This is what I was saying to the guys here at my work. We just need a small proof that the customer isn't a spammer and we open it up. However, most of our customers are less-technical savy home folks. Did you have to prove to your ISP that you weren't spamming? If so, how did they have you do that?
Thanks, scott
--- Peter.Bickel@idv.ch wrote:
From: Peter Bickel Peter.Bickel@idv.ch To: swinog@swinog.ch, surfer@mauigateway.com Subject: Re: [swinog] Re: blocking ports? Date: Thu, 12 Apr 2007 12:03:28 +0200
Scott Weeks schrieb:
: You'd be amazed how many companies operate their own : mail servers, even behind dynamic addresses
I'm speaking with guys in my company on an issue and part of the discussion has to do with me saying no one runs a mail server from behind a dynamic IP addresses. Other than just your experiences, does anyone have pointers to data on folks that do this?
scott
Hi Scott
we do exactly this for IDV & Network Consulting. We operate our own Mailserver (Solaris with sendmail and iamp) in our internal Network which is connected to Cablecom (DHCP ;-)) In addition we have some Maschines in a hosting environment which have of corse fixed IP addresses which we use to relay to the outside. All hosts use Solaris and sendmail and are protected with IPFilter with very restrictive Rules. Incomming email is going through the external hosts and an IPIP Tunnel directly to the internal mail server.
We really don't want to be dependend on an ISPs email SETUP. DNS is the same which helped me in the past a lot where several customers weren't able to use the net everything worked for us. So if a customer proofs that he is able from a technical Point of view to operate an mail server in a secure manner and assures not to abuse email for spam then it's not acceptable that an ISP block anything to him.
--- swinog-list@dudes.ch wrote:
From: Markus Wild swinog-list@dudes.ch To: swinog@swinog.ch Subject: Re: [swinog] Re: blocking ports? Date: Wed, 11 Apr 2007 19:26:39 +0200
Jonathan,
Sorry but I disagree with Per. ISPs have a duty to prevent email Spam which is a terrible curse for us all. If they decide that blocking port 25 outbound will help then they should do it.
If you are a user, why can't you use the ISPs relay server? If you are a provider you ought to have your own mail server on a fixed IP address.
You'd be amazed how many companies operate their own mail servers, even behind dynamic addresses (in which case they usually use some mailbox polling mechanism to feed their server from mail from the outside), but send outgoing mail directly with SMTP.
Of course, one day we need a better protocol than SMTP (*Simple* Mail Transfer Protocol) which was never meant as a global email solution. But until then we have to do something to stop people abusing it.
But by killing the payload, not the messenger, please...
Cheers, Markus _______________________________________________ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
--
Gruss Pitsch
Peter Bickel e-mail: bickel@idv.ch IDV & Network Consulting Telefon: +41 1 853 24 16 Gumpenwiesenstrasse 38 Fax: +41 1 853 27 04 CH-8157 Dielsdorf Mobile: +41 79 666 15 50
swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
________________________________________________________________ Sent via the WebMail system at mgz.ch
Hi all
On Friday 13 April 2007, Schmid wrote:
Funny thing is one ISP is switching off his SMTP relay telling the client to use other smtp relay in the wild and call that a first action according to the "stop spam" campaign. another one is blocking port25 und force the user to use the ISP?s SMTP Relay and even explain this is done due to the "stop spam" campaign
Here's what I think would be reasonable to fight spam. And in the first place it really would help fight spam comming from trojanized computers - until spammers start to use the Outlook| Thunderbird|whatever configured authenticated SMTP/Submission Access:
* Block destination port 25. This prevents bots from sending email directly to the victims MXes. No one wants to (must not) run an MTA in a dialup range: Many MXes dont accept emails orginating from dial-up rages. No one wants to (must not) run an MX in a dial-up range. The risk of delaying or losing email due to a IP change is not acceptable. And what if the successor of the IP runs an MX which accepts all Mail..?
* Provide an relaying MTA accepting emails from authenticated connections on port 25 or 587 (Submission, which is intended for exactly this use case). I dont know if Tele2/Econophone do this.
* Allow connections with destination port 587 to let your users relay to any thrid party email provider. Tele2/Econophone do this.
Given the second point is OK, this whole blocking thing this not a bad idea. And its not that hard to configure fetchmail/authenticated relaying to a smarthost for geeks who want to run their own email infrastructure (in contrary it adds som salt to the whole soup ;)
Now waht I think is really bad is the thing that Econophone/Tele2's Information website is really bad. These three very easy points are no where clearly explained. The lengthy FAQ beats arround the bush and rather confuses the reader than making the situation clear to him. *hinthinthint*
Probably one of these guys can confirm this or explain the differences (and probably add it to their Information Pages...).
Have fun
Michi
- Block destination port 25. This prevents bots from sending
email directly to the victims MXes. No one wants to (must not) run an MTA in a dialup range: Many MXes dont accept emails orginating from dial-up rages. No one wants to (must not) run an MX in a dial-up range. The risk of delaying or losing email due to a IP change is not acceptable. And what if the successor of the IP runs an MX which accepts all Mail..?
thats right. Telia has started as first ISP blocking Port 25 years ago...
Given the second point is OK, this whole blocking thing this not a bad idea. And its not that hard to configure fetchmail/authenticated relaying to a smarthost for geeks who want to run their own email infrastructure (in contrary it adds som salt to the whole soup ;)
Why not sell some fixed IPs, to customers who want use their own mailserver ? If i receive a request from such a user, that has a dyn IP, i tell him to buy a static one, because of full control and exclusion of DUHL. Furthermore the customer is self responsable, if a IP Adress in his range will be listed. Complaint Mails are also directly sent to the owner of the IP, so the Abuse Team don't need to work on such cases.
Greetings
Daniele Ladu
Ladu, Daniele wrote:
Why not sell some fixed IPs, to customers who want use their own mailserver ? If i receive a request from such a user, that has a dyn IP, i tell him to buy a static one, because of full control and exclusion of DUHL. Furthermore the customer is self responsable, if a IP Adress in his range will be listed. Complaint Mails are also directly sent to the owner of the IP, so the Abuse Team don't need to work on such cases.
That's the setup I have. ADSL with static IP, own MTA, registered abuse e-mail, ... Having a smarthost in front would not be a big problem too but I'll prefer to be directly exposed to the internet as I'm developing a spam-filter and the "raw scum" feeds my filter :-)
Daniele
-
Daniele Guazzoni -
Ladu, Daniele -
Michael Naef -
Schmid