
Re: mail problem



Nadav Har'El wrote:

> > > hours in the mail queue waiting to be sent. Anyway, when you send email
> > > directly from your dynamic IP, and the remote server does not answer, what
> > > do you do? You shouldn't give up, because the server may be temporarily
> >..
> >
> > The solution is to queue the mail and try again the next time you connect.
> 
> Really? This is not an acceptable solution to me, and probably not to most
> people. I don't want to have to wait until the next time I log in (maybe
> only a day later) for the message to be sent!
> Of course, if someone deliberately *wants* to do that, then it's his choice,
> but at least don't tell me it's a useful thing to do :)

In a world using the DUL, it would no longer be ``his choice''.

> Organizations should have a permanent and well-known IP, not one listed on DUL,
> which is exactly what the DUL philosophy is: mailers should be accountable,
> and not completely anonymous. 

This is really poorly defined.

1) What's a ``mailer''?  There are SMTP senders and there are SMTP receivers,
   and they are not always equal.

2) What's ``accountable''?  Dynamic IP addresses for e.g. ISDN connected outfits
   can be first class Internet citizens for the duration of their connection by
   utilizing dynamic DNS.  In such a configuration, incoming mail for such an
   outfit would be received at a directly connected host advertised via MX, and
   the queue would be drained when the outfit's mail host gets connected to the
   network (e.g. using ETRN).

That aside, I find your point pretty upsetting.

Configurations such as I describe are possible, in use where current
technology allows, and otherwise are in demand.  There are Internet Drafts
dealing with exactly these issues.  This was also the case before the
DUL; i.e. there is no technical argument as to why these setups are wrong.

The DUL breaks such setups, and possibly others.  And your justification is
that this is ok, because organizations should not have IP addresses listed
in the DUL?  

That's circular reasoning.  ``The DUL says so'' is not a convincing argument.

>				It means that if you choose to be anonymous,
> you're welcome to be on the Internet, but not to send *me* mail, because
> someone who sends *me* anonymous mail is most likely a spammer. It's my
> choice to think that way and use DUL, and it may be your choice not to
> think that way, and continue to get a dozen spams per day.

I'm not trying to convince YOU of anything.  Had I been doing that, it
wouldn't have been in a public forum.

I'm trying to show that the DUL, as a technology to deal with spam, is
broken and a bad design which -- if it becomes widely spread -- may impede
the development of the Internet.  This is bad.

I know of people who reject any email with Hotmail, Yahoo, etc. addresses.
It greatly reduces the amount of spam they send.  Do you believe that this
is a proper solution to spam?  Would you advocate it?  I hope not; it may
be useful to one individual or another, but IT DOES NOT DEAL WITH THE
PROBLEM.  Neither does the DUL.  

> As a sidenote, I use DUL,RBL,and ORBS for some time now and keep all
> discarded messages for research, and I never had a non-spam message
> discarded because of DUL - I.e., nobody ever seems to have sent me a
> message from a dialup-line without going through their ISP's SMTP server.
> So DUL false-positives are not as bad or as common as you make them sound.

Uh, that's not very scientific.

Do you usually make conclusions based on one data point?

> It's a nice touch using my own words against me :)
> There's an important difference between Netvision and a government: if
> you feel Netvision's policies are too restrictive, you're free to use
> another ISP who doesn't block port 25. On the other hand, If you feel
> Israel's policies are too restrictive then, well, you're out of luck...

Where would I go in a world where everyone blocked port 25?
 
> This is similar to the following: in a country with free speech, you're
> free to create your own newspaper, perhaps even by photocopying it yourself
> and delivering it to your subscribers. However, free speech does not
> imply that if you want to write something in, say, Yediot Achronot, then
> they *have* to let you write it there. They may charge you for it,
> place limits on it, or whatever they feel like. If you feel they are
> too restrictive, go to Maariv or open your own newspaper as described above.

I really don't want to get into THIS.  So think for yourself; if what
you say is true, how exactly do you explain the brouhaha that happened
when HADASHOT was closed?  With all the Nimrodi scandals?  We live in a
world where NOT everyone can publish a newspaper.  It is therefore the
public's right (and duty) to protest when its watch dogs become corrupt,
or when pluralism is at risk.

> Of course if the limits are arbitrary and too restrictive, the clients
> should protest to the ISP and threaten to leave. If all ISPs form a cartel
> and put limits together, then you can go to the Anti-trust commission and
> complain. RBL has been threatened by several such suits, but so far
> hasn't lost (this might change if it becomes more ubiquitous - we'll
> have to wait and see).

They haven't ``lost'' because they haven't been sued.  Threats are one
thing -- most net.kooks make them -- but filing suit is another.

The RBL defense, btw, is that they are not actively doing any blocking.
They publish a list, and third-party outfits choose to blackhole traffic
from addresses on that list.

> I'm sorry, but I don't buy your argument at all. Of course someone can
> *deliberately* relay only to the ORBS test machine! But why would anybody
> do that other than to be "clever" and have a few laughs? 

To prove a point.

``It does not relay.  It's in ORBS.''

This is exactly something that should NEVER happen with a spam-related (in
this case, relay-related) blackhole.  It causes perfectly legitimate email
to get lost.

This is orthogonal to the other obvious flaws of the ORBS system:

1) Systems may be listed although they have never been abused for 
   spamming purposes.

2) ORBS testing is unsolicited and bulk, and can therefore be seen 
   as spam.

3) ORBS is completely automatic.  Cutting off someone's email is not
   something that should be done by a robot.

> > ORBS has also listed ISPs who failed to receive their warning message
> > because the ORBS robot sent it to the incorrect address.
> 
> ORBS sends (or at least they claim to send, I haven't checked) email to
> postmaster@ the machine. The RFC mandates such an account to exist, and
> to be read by an administrator.

This is not the exact wording of the RFC.

There have been interactions where the ORBS automatons discovered SMTP
listeners on output-only interfaces, and therefore addressed their warning
message incorrectly.

ORBS listed Demon Internet (a UK and NL ISP) because of something like
this.  Demon has hundreds of thousands of customers.  

No false positive, huh?

ORBS have since fixed THAT problem and started sending email to the address
in the DNS SOA record, but the point stands:

When dealing with something as complicated as email, and especially when
looking for misconfigurations, it's wrong to decide automatically whom to
warn and then automatically blackhole them if they fail to respond.  It's
been shown time and again that these heuristics fail.

> > ORBS will list any open SMTP relay that uses other methods to protect from
> > abuse (e.g. rate limiting).
> 
> This is very true, and is the defence used by Netvision to explain their
> open relay. However it is still *my* prerogative to decide that I insist
> not to get mail from open relays, and therefore use ORBS. If you, Netvision,
> or anybody else feels there are hosts that are open relays but not spam
> risks, feel free to create a list ORTANSR (Open Relays That Are Not Spam
> Risks), or whatever, for that, and maybe I'll use that in my spam filter
> instead of ORBS.

I don't think anyone's personal interests are particularly interesting or
relevant here.  The question is what mechanisms exist to battle spam without
destroying the Internet or the concepts it was based on.

And btw, by fighting spam I don't mean hiding the problem.  I mean ending
the problem.
