>Received: from mail.optistreams.net (206-169-2-196.gen.twtelecom.net [206.169.2.196]) > by calcite.rhyolite.com (8.12.11/8.12.11) with ESMTP id i4UG8bio077225 > for <vjs@xxxxxxxxxxxxxxxxxxxx> env-from <nsb@xxxxxxxxxxxxx>; > Sun, 30 May 2004 10:08:38 -0600 (MDT) > From: Nathaniel Borenstein <nsb@xxxxxxxxxxxxx> > > Mr. Borenstein and others like him expect the rest of us to subsidize > > their $30/month connectivity by dealing with the network abuse of his > > fellow customers, because they find $30/month comfortable. > > Just for the record, I spend plenty more than $30 per month on Internet > connectivity, as does my employer. My views on this have nothing to do > with the cost of my Internet service, which is why I said nothing about > such costs. Since your message seems to be based entirely on a > misguided assessment of my motives, there's not much else in it that > needs to be answered. (We could argue forever about what constitutes a > monopoly, but I doubt any minds would be changed.) > > Port 25 blocking may be sometimes necessary simply to preserve the > integrity of a network under heavy spam attack. Perhaps I am mistaken, but I believe that Mr. Borenstein has mentioned his costs in the past. His recent talk about the supposed "near monopolies" of "cable providers" makes absolutely no sense except in the context of $30/month services. The copy of his message appears to have been sent to my SMTP server from one of those $30/month accounts. Mr. Borenstein certainly has complained about some sort of blocking of his mail. I think that blocking involved a cable provider account. However, if the blocking that bothered him was not from his TimeWarner acocunt, then perhaps this is relevant: traceroute to guppylake.com (64.71.173.70), 64 hops max, 44 byte packets 11 ix-8-0.core1.SanJose.teleglobe.net (66.198.97.18) 59.309 ms 12 pos2-3.gsr12416.pao.he.net (66.220.13.42) 119.297 ms 13 pos2-0.gsr12012.fmt.he.net (64.62.249.121) 61.106 ms 14 64.71.173.70 (64.71.173.70) 62.479 ms traceroute to thehideout.net (64.71.176.110), 64 hops max, 44 byte packets 13 pos2-0.gsr12012.fmt.he.net (64.62.249.121) 60.953 ms 14 64.71.176.110 (64.71.176.110) 61.028 ms Hurricane Electric has earned a reputation as a provider that avoids dealing with reports of spam sent by its customers except by forwarding them reports to its customers. See http://groups.google.com/groups?scoring=d&q=+%22he.net%22+group%3A*email http://groups.google.com/groups?scoring=d&as_epq=Hurricane%20Electric http://groups.google.com/groups?scoring=d&q=+%22he.net%22+group%3A*abuse* Juging from http://spews.org/html/S2100.html 64.71.173.70 is currently listed by SPEWS at level 2. (I do not use or advocate SPEWS' list; I'm pointing out SPEWS' data only to support my point about the supposed unfairness of the blocking of Mr. Borenstein's mail.) > But I believe that a > long-term solution is possible that will be both more effective and > less restrictive. My own focus is on that long-term planning, and I > just can't see port 25 blocking as anything more than a rather > problematic stopgap measure in advance of a more spam-resistant > infrastructure for SMTP message submission. People have been talking about such ideas since Cyberpromo's day. The closest thing that has ever been implemented and proven effective is blocking port 25 SYNs from blocks of IP address that have a better than 99.9% probability of sending only spam and worms, namely the IP addresses of spammers and of "dynamic address." In practice the latter is synonmous with block port 25 for $30/month accounts. Blocking port 25 from $30/month accounts does not affect SMTP-SUBMIT, which is the IETF standardized "spam-resistant infrastructure for SMTP message submission." One must wonder how Mr. Borenstein's mail could be blocked by the sort of blocking he has repeatedly complained about if he used SMTP-SUBMIT to reach reputable MTAs. Note also the disconnect between the reverse-DNS of Mr. Borenstein's SMTP client and his envelope Mail_From and header From: values, and the lack of DNS RRs supporting any of the proposals for DNS-based sender authentication. According to the advocates of those mechanisms, Mr. Borenstein's is "forging" his messages. Vernon Schryver vjs@xxxxxxxxxxxx _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf