Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at smtpng.org)

From: John Kristoff (no email)
Date: Mon Aug 26 2002 - 20:58:14 EDT


On Tue, 27 Aug 2002 01:54:39 +0200
"Jeroen Massar" <> wrote:
> SMTP is a protocol which is based on relaying messages from one
> mailserver to another.
> An endnode (especially workstations) don't need to run SMTP.

I'm not sure how to truly disable an SMTP server from running on an end
host. You can block or force forward port 25, but that is just a
number. Be prepared to start doing that for all ports, then protocols,
then IP addresses, then protocols again.

Furthermore, a forced relay, while perhaps helping to solve the
immediate spam problem is most definitely interfering on other things
with potentially harmful long term effects. Two of those are end-to-end
transparency and the fixing of the real problem. You may not care about
either of those, but I would argue they shouldn't be dismissed without
very serious thought.

> So what's so bad about forwarding all tcp/25 traffic over that relay
> and letting that relay decide if the MAIL FROM: is allowed to be
> relayed? And if a client wants to mail from another domain which isn't

There are some potential problems. Don't bother answering them, I'm
sure they can be disputed, but I'm also sure there are plenty of other
examples an SMTP expert could think of:

  What if there is a new SMTP specification that doesn't work through
the forced relay?

  What about simply not trusting a relay to do the right thing or for
fear of a forced relay adding/changing/snooping/delaying the traffic?

  What about when SMTP starts going over something other than TCP port
25?

> The whole problem is yet again that a small amount of people (this
> time spammers) make a whole lot of problems for a lot of people (we).

Maybe some different thinking is called for. Here are some other
suggestions, take them or leave them. They aren't perfect either (don't
try and answer these either, I'm sure they can be disputed :-):

  Force forward by default, but allow anyone who wants to use TCP port
25 the ability to do so. They must sign an non-abuse agreement or
whatever. Then they get their host/link put into the TCP port 25 open
path.

  Do some rate-limiting by default. Perhaps coupled with the above?

  Start offering spam blocking and filtering services for end users.

  Get better at monitoring and incident response. This will pay
dividends for lots of other areas as well.

  ...and finally to quote Randy, send code. :-)

John








Hosted Email Solutions

Invaluement Anti-Spam DNSBLs



Powered By FreeBSD   Powered By FreeBSD