> From: Mark Smith <ietf@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> > > Yes, spam filtering can be quite effective. > > Not using spam filtering ... I don't like the chances of false > positives or negatives. Today either you filter spam, or you get practically no mail from strangers. If your address is exposed for legitimate mail from strangers, then lots of spam will be sent your way. At least 50% and by some accounts more than 80% of all mail is spam. If you get the 10 legitimate message/day typical of a non-technical user, and your spam load is 80%, then you also receive 40 spam/day. My various layers of filters averaged 521 spam/day for the last 40 days. Either your computers filter using blacklists, whitelists, various content filters, and/or other mechanisms, or you filter spam manually. 40, not to mention 521 spam/day are too many to filter manually without frequently overlooking legitimate mail. Those are false positives. Thus, if your mailbox is open to legitimate mail from strangers, then you have false positives, whether they are human or computer errors. > My idea is similar to the idea of abandoning a phone number if > you get too many prank calls. Similar to abandoning a phone > number, when I abandon an email address, I don't even see the > spam traffic - I'm not filtering it out. On the contrary, legitimate messages sent to your abandoned mailboxes are false positives. They are filtered out. > > > I would find not be able to run my own MTA, > > > unfortunately on a dynamically assigned IP ADSL service, as > > > that is all I can afford, to be far more costly than the very > > > negligable reduction in spam I would receive if TCP port 25 > > > was blocked by ISPs. > > > > I cannot understand that as other than a demand that I > > subsidize your Internet service. > > > > If you think that everyone has the right to run their own MTAs, > > why don't you insist that Full Internet Connectivity be free? > > I struggle to understand how you make such a dramatic jump in > "position" (I can't think of a better way to describe it at the > moment). I can't see the logical progression from being able to > run an MTA, to getting Internet connectivity for free. I thought you were repeating the too familiar whine that it would be Wrong and Evil to be forced to choose between paying for Full internet Connectivity and having port 25 blocked. The familiar claims from others about unblocked port 25 for $30/month being a fundamental human right of communication are irritating. Those making those claims want only a price they can afford, instead of the $0.00 price appropriate for a fundamental human right. ................ } From: Mark Smith <ietf@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> } I'm just waiting for the next Outlook based (or alternatively, a } socially engineered executable based) worm that uses legitimate } email addresses and "legitimate" (in the sense of } "legitimate because TCP port 25 is not blocked") MTAs to send out } spam. That is such an obvious countermeasure that you must assume it it probably is already in use. } Blocking TCP port 25 on dialup accounts (or any other } Internet service) will have no effect in mitigating these types } of attacks. That is mistaken. Spam, worms, and viruses sent through ISP mail systems can be filter. I understand that worm and virus filtering is quite effective, but don't really know. Filtering spam from an ISP's own customers can be extremely effective. For example, an ISP can rate-limit customers to 10 or 20 messages/day, and require customers to make arrangements for higher rates. Vernon Schryver vjs@xxxxxxxxxxxx _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf