North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
On Tue, 27 May 2008, michael.dillon@xxxxxx wrote: > > But a more advanced intelligence will wonder why we have to have an SMTP > server architecture that invites attacks. Why, by definition, do SMTP > servers have to accept connections from all comers, by default? We have > shown that other architectures are workable on the Internet, where > communications only take place between peers who have prearranged which > devices talk to which. This worked for USENET news and it works for > exchanging BGP route announcements. Of course there's no unwanted traffic on USENET or BGP. Everyone de-peers Tiscali when their customers' compromised home computers perform DDOS attacks. > As long as we don't fix the architecture of Internet email, we > are stuck with the catch-22 situation that Amazon, and all hosting > providers find themsleves in. These companies really have no choice > but to allow spammers to exploit their services until the spamming > is detected, either proactively by the provider, or reactively by > a complaint to their abuse desk. Nothing prevents Amazon from implementing a hierarchial email delivery network for their little corner of the net. They just have to block outgoing port 25 and require their users to use Amazon's smarthosts. I don't see how, in your preferred replacement email architecture, a provider would be able to avoid policing their users to prevent spam in the way that you complain is so burdensome. Tony. -- f.anthony.n.finch <dot@xxxxxxxx> http://dotat.at/ HUMBER: SOUTHEAST VEERING SOUTHWEST 5 TO 7, PERHAPS GALE 8 LATER. MODERATE OR ROUGH. THUNDERY RAIN, FOG PATCHES. MODERATE, OCCASIONALLY VERY POOR.