LWN.net Logo

Advertisement

TrustCommerce

E-Commerce & credit card processing - the Open Source way!

Advertise here

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for December 4, 2008

KSM runs into patent trouble

Tux3: the other next-generation filesystem

LWN.net Weekly Edition for November 27, 2008

LWN.net Weekly Edition for November 20, 2008

Printable page
Weekly edition Kernel Security Distributions Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ

Large ISPs ponder spam

Large ISPs ponder spam

Posted Jun 24, 2004 19:30 UTC (Thu) by Baylink (subscriber, #755)
Parent article: Large ISPs ponder spam

If zombies are indeed responsible for $LARGE_PERCENTAGE of the spam, then Job 1 seems to be two pronged, for all ISP's, but especially broadband ones:

1) immediately block outbound access from your subscribers to port 25 on remote hosts, whether on- or off-net.

2) immediately reopen it for any specific user who asks.

The latter would likely require a little smarts on the DHCP front, but shouldn't remotely impossible.

And this would cut spam by half or more -- up to 80% in some reports? And it would take, what, a couple days for a couple guys?

C'mon; it's obvious.

(Smart-alec closing line goes here. :-)

(Log in to post comments)

Large ISPs ponder spam

Posted Jun 24, 2004 21:38 UTC (Thu) by smoogen (subscriber, #97) [Link]

Actually it shouldnt be too hard for them to do something like policy route all port 25 traffic out through mail-relays. These could then be stamped as being seen here last.. which would allow for better finding the zombies. Boxes that did send out more than the allotment could be turned off. Those who want more access can ask for it.

Restricting outbound SMTP

Posted Jun 25, 2004 0:59 UTC (Fri) by giraffedata (subscriber, #1954) [Link]

>Actually it shouldnt be too hard for them to do something like policy route all port 25 traffic out through mail-relays.

It sounds like you're talking not about routing IP traffic, but redirecting it to a different mailserver than the one to which it was addressed and then replacing it with what the ISP considers to be an equivalent mailing. That's no more palatable than just saying everyone has to send mail through the ISP's relay. Many Linux users want an ISP simply to route IP traffic into the Internet. I certainly do.

>Boxes that did send out more than the allotment could be turned off.

This is much, much harder than the original suggestion -- just allow outbound SMTP connections by request only. I agree that would all but solve the zombie problem. Very, very few of us would request that option, and very very few of those who did would become zombies.

Sadly, precisely because folks who want clear IP routing are such a small minority, what's actually going to happen is the ISPs will eventually turn off all routing except the few things that mainstream Windows websurfers need. There will not be any options. Options cost money.

Restricting outbound SMTP

Posted Jun 26, 2004 1:20 UTC (Sat) by Baylink (subscriber, #755) [Link]

Options cost money, yes, but the amount of money that option would cost would likely be epsilon compared to the amount of money they would *save* by not having to overprovision the links for the spam.

Anyone up for conspiracy theory?

It's Seagate and the carriers who are behind all the spam. :-)

Restricting outbound SMTP

Posted Jun 26, 2004 2:55 UTC (Sat) by giraffedata (subscriber, #1954) [Link]

Absolutely, but the point I made is that it is cheaper still to have no option, not overprovision for spam, and not allow anyone to connect to an extra-ISP SMTP server. I argue that this is a more likely eventuality than ISPs allowing people to opt in to SMTP routing.

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds