[thelist] SMTP and spam prevention (was:The Spam Argument [long] (was: ....)

Andrew Seguin asegu at borg.darktech.org
Fri Jul 25 15:39:32 CDT 2003


> So quit yapping and do something about it Bruce!  Write a replacement
> protocol for SMTP that requires senders to authenticate. It has to be a
> lightweight protocol because even without the weight of spam, email is a
> very important network service.  It has to allow authentication against
> an administrator's preferred user base (LDAP, SQL, PAM, BDB, whatever)

Postfix (a Unix MTA) supports requiring authentication before sending.
Some small hacks exist for most SMTP servers available to either require
  1- Authentication to a POP3 server at least XX minutes before connecting
     to the MTA
  2- Authentication in the SMTP protocol. (defined in RFC 2544 I think)

>
> Then write an easy to install and administer piece of software for
> Windows and *nix that uses this protocol.  Make this software also
> accept plug-ins:
> - virus scanning
> - accounting (so that ISPs can regulate the amount of email traffic
>   their users can generate, and potentially charge them per email)
> - distributed black-listing service so that ISPs can identify and refuse
>   incoming mail from problematic hosts

Postfix can either do all that or be made to do all that. To the best of
my knowledge you can do that on Microsoft's Exchange servers as well. As
for black listing service: look at http://mail-abuse.org/ They run real
time black-hole lists... lists of known IPs of spammers, open relays,
email-list servers that don't ask for confirmation on the addresses added.
All your email server has to do is an extra DNS lookup for each incoming
email.


>
> We need a better protocol and MTA to do some of this, and you know you
> cannot replace SMTP completely so build it with that in mind.

No need to rebuild SMTP completely or at all. Already there. If you are
the administrator of your own email server I recommend you read up a
little bit.

>>...


> you are kidding right?  check some mail headers, most spam *I* receive
> comes from Hungary, China, etc... international laws against spam would
> be a joke even if you could get them.

Recently I got two spammers that got on my case... 30-40 emails a day
each. All from the same two hosts. Both were in the US, one from NYC,
customer of an ISP, the other in California, customer of an email service
provider... both were violating the terms of their contracts, so both got
shut down.
Never mind laws, most ISPs don't allow their clients to use their email
accounts for sending spam, and when it is reported they drop the
connection. If not, then block them (if you can). It's not usually all that
hard to find out which IP blocks a company is owner of. Then a quick "ipfw
block ip from w.x.y.z/n to any" (or similar depending ...) on your
firewall and you're set...


>
>> raise the cost of doing email....by some 10000%..however, have a
>> mechanism in place that says if you send less than x/month..you don't
>> pay...

In Canada, it's called "no longer free unlimited monthly bandwidth". Also
helps combat the plague of internet abusers that sit with peer to peer
clients for a month's time and end up downloading 40-60GB. 20GB per month is
enough for me to do a *lot* on the internet... In my opinion though it
would be a bad idea to start charging for emails: part of my cost of
internet is the email account at my ISP. So if everybody is basically
paying the cost of sending, should we also be paying for the receipt? I
look at ISPs in Canada, and most for ADSL service will allow you 10-15GB
of download and only 5-10GB of upload... so I would assume that receiving
is less costly than sending. Storage is of course another issue, but
quotas take care of that... I believe that's why most ISPs offer POP3
access and not IMAP.


> you can do that among reputable and major ISPs in some countries, but
> getting China onboard will be difficult.  Better have a server-blacklist
> to refuse connections from.

As I mentioned above, such exists. See http://mail-abuse.org/

Conclusion/Notes:

   Email server software does exist that makes sure the emails are coming
from who they say they are.

   Email server software should never relay openly from the internet. My
personal postfix system uses no authentication. BUT it only accepts
outgoing emails (emails not addressed to one of my domains/hostnames) from
the inside of my network. And my firewall makes sure the inside of the
network is truly the inside of the network.

   Mechanisms do exist to block unsolicited emails.
      Filtering software to look at the headers of an email.
      Lists of IPs of known open relays, IPs for dial up users,
      etc...

   Overall, I see it as a question of education. As I saw from the
"requests" above, not all people are aware of what is available to them.
Since I only have a small server, I have the time to contact each and
every source of spam (not the spammer, but ISP, hosting company, etc). I
also have time to keep up to date on what is available to me.


Anyways, I just wanted to leave a small note on this subject about what IS
available already do to the ...

Andrew
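
[Added example, not part of Andrew's original post.] The "extra DNS lookup for each incoming email" mentioned above works by reversing the connecting client's IPv4 octets, appending the list's zone and asking for an A record; an answer inside 127.0.0.0/8 means the host is listed. The zone name dnsbl.example, the function names, the reply wording and the sample zone data below are assumptions made up for illustration.

```python
import ipaddress
import socket

DNSBL_ZONE = "dnsbl.example"  # assumption: placeholder zone, not a real list
LISTING_NET = ipaddress.ip_network("127.0.0.0/8")

def dnsbl_query_name(client_ip, zone=DNSBL_ZONE):
    """Name the MTA looks up: client octets reversed, then the list's zone."""
    addr = ipaddress.ip_address(client_ip)
    if addr.version != 4:
        raise ValueError("IPv4 only in this example")
    return ".".join(reversed(str(addr).split("."))) + "." + zone

def system_resolver(name):
    """A records via the OS resolver; any failure counts as 'no answer' (fail open)."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except OSError:
        return []

def check_client(client_ip, resolve, zone=DNSBL_ZONE):
    """Return (listed, codes). Only answers inside 127.0.0.0/8 are listings;
    a routable answer means a wildcarded or hijacked zone, not a listed host."""
    answers = resolve(dnsbl_query_name(client_ip, zone))
    codes = [a for a in answers if ipaddress.ip_address(a) in LISTING_NET]
    return bool(codes), codes

def smtp_verdict(client_ip, resolve, zone=DNSBL_ZONE):
    """Reply the server would give at connect time (wording is illustrative)."""
    listed, codes = check_client(client_ip, resolve, zone)
    if listed:
        return f"554 5.7.1 Client [{client_ip}] blocked using {zone} ({codes[0]})"
    return "220 ready"

# Constructed zone data (documentation addresses), standing in for live DNS.
SAMPLE_ZONE = {
    "2.0.0.127.dnsbl.example": ["127.0.0.2"],      # conventional test entry
    "7.113.0.203.dnsbl.example": ["127.0.0.4"],    # listed host
    "9.100.51.198.dnsbl.example": ["192.0.2.55"],  # wildcard answer, not a listing
}

def sample_resolver(name):
    return SAMPLE_ZONE.get(name, [])

if __name__ == "__main__":
    for ip in ("203.0.113.7", "198.51.100.9", "192.0.2.1"):
        print(ip, "->", smtp_verdict(ip, sample_resolver))
```

Passing system_resolver instead of sample_resolver, together with the zone of a list you actually subscribe to, runs the same check against live DNS.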



