From owner-freebsd-chat Sun Sep 26 10:58: 0 1999 Delivered-To: freebsd-chat@freebsd.org Received: from gndrsh.dnsmgr.net (GndRsh.dnsmgr.net [198.145.92.4]) by hub.freebsd.org (Postfix) with ESMTP id 5B36C152C7 for ; Sun, 26 Sep 1999 10:57:56 -0700 (PDT) (envelope-from freebsd@gndrsh.dnsmgr.net) Received: (from freebsd@localhost) by gndrsh.dnsmgr.net (8.9.3/8.9.3) id KAA10120; Sun, 26 Sep 1999 10:56:31 -0700 (PDT) (envelope-from freebsd) From: "Rodney W. Grimes" Message-Id: <199909261756.KAA10120@gndrsh.dnsmgr.net> Subject: Re: On hub.freebsd.org refusing to talk to dialups In-Reply-To: <64194.938367636@noop.colo.erols.net> from Gary Palmer at "Sep 26, 1999 01:40:36 pm" To: gjp@in-addr.com (Gary Palmer) Date: Sun, 26 Sep 1999 10:56:30 -0700 (PDT) Cc: jazepeda@pacbell.net (Alex Zepeda), chat@freebsd.org X-Mailer: ELM [version 2.4ME+ PL54 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-chat@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org [CC redirect to -chat, users left intact] Should a BOF at BSDCon be asked for to discuss these issues? I think it would make for a hot and heated BOF with lots of understanding by both the ISP and user community about where the current state of the art is headed with respect to filtering, redirection, and other tools being applied to combat the spam problem. I know there is one talk by jmb about spam, the past 5 years or something along that line already. But this is such a hot topic that I am not sure if he is going to get into what is currently being done, and what some of the plans are. I also think that the open forum of a BOF would allow the implementers, people like Paul Vixie, jmb, you, myself, etc to get a lot of input from the general user community at large. > Alex Zepeda wrote in message ID > : > > No, the real problem is the ISPs who can't fund decent servers and provide > > decent service. If they could take care of spam and provide a 99% > > reliable service, I'd have very few problems with using their mailservers. > > If they can't provide a reliable OGM server, find a different ISP, no > matter what else. And I fail to see how they can `take care of spam' > if you won't let them close it at the source ... people doing direct > injection of spam to the recipients MX and relay raping others to hide > their tracks. ISPs blocking outbound port 25 from dynamic dialups and > inbound port 25 to people who shouldn't be running servers (e.g. your > average cablemodem customer, a fair number of whom run open relays, > and most of whom have a TOS which doesn't allow them to run `servers' > in the first place) will cure a lot of problems, whether you like it > or not. > > More than 75% of ISP customers would like less spam ... but they > *have* to be willing to accept that to stop the spammer they may have > to jump through a new hoop. Amen!! > > Heck, I believe a UK company (FreeServe?) uses a L4 switch (or some > similar technology) to redirect >all< outbound port 25 traffic to > their SMTP servers. US ISPs probably don't have that choice if they > cover any territory at all (the cost of the switches becomes > prohibitive as you need one per POP), but a Cisco ACL would work just > as well at stopping the problem. This is what I was alluding to when I wrote: ipfw add 10251 divert ${SMARTRELAYHANDLER} tcp from any to any 25 out via lnc1 It's a layer 3 redirection of outbound SMTP attempts that would in effect force the mail through our smart host without the customer even knowing that we did it other than by header examination. At this point the idea is just that, an idea. We will implement it if the current policy does not solve the problem. This is one of the reasons we prefer running a *BSD boarder router over a Cisco, we can do these things easily. -- Rod Grimes - KD7CAX - (RWG25) rgrimes@gndrsh.dnsmgr.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-chat" in the body of the message