Date: Fri, 24 Sep 1999 09:37:14 -0700 (PDT) From: "Rodney W. Grimes" <freebsd@gndrsh.dnsmgr.net> To: n@nectar.com (Jacques Vidrine) Cc: current@FreeBSD.ORG Subject: Re: Filtering port 25 (was Re: On hub.freebsd.org refusing to talk to dialups) Message-ID: <199909241637.JAA02838@gndrsh.dnsmgr.net> In-Reply-To: <19990924152438.F0C2BBE08@gw.nectar.com> from Jacques Vidrine at "Sep 24, 1999 10:24:37 am"
next in thread | previous in thread | raw e-mail | index | archive | help
> [This thread is off topic, but ... ] > On 24 September 1999 at 3:00, "Rodney W. Grimes" <freebsd@gndrsh.dnsmgr.net> wrote: > > Another thing that ISP coulds start doing (we are in process with > > this now, but on a monitoring only basis, instead of a deny we > > just log them) is to block all outbound from AS tcp 25 setup packets. > > Monitoring this is not a bad idea. However, if you are suggesting > that an ISP should /filter/ TCP port 25 packets, I have to disagree > strongly. Vehemently, even :-) Perhaps you should try being in the business and having to deal with the calls that happen when some luser signs up with you for the purpose of spamming and admin's around the world start to flood your abuse@domain address with the spammers junk. Perhaps you should have to make the calls to get your IP space unblocked from certain entities due to the actions of 1 bad luser. If we have an AUP that states that all outbound smtp port 25 connections shall be via our smarthost relay hosts we darn well have a right not only to monitor that this is being done, we further more have a right to inforce it if we so decide to. > An ISP is in the business of delivering IP traffic. An ISP that fails > to deliver ALL packets that are well formed (according to the relevant > IETF standards and have a legitimate source address) is not doing what > they are being payed to do. If you want us to be a transpart IP transport you are asking us to waive our AUP. We can, but your contract is going to have to be specially written, and will have serous damage clauses attached to it that will basically allow us to terminate your contract without notice, yet collect the balance due on your contract. > > > This prevents your customers from being something that could get you > > on the RBL or the DUL MAP for bad behavior, it also inforces the use > > of your smart host relay, as it/they is/are the only way to get a > > tcp port 25 setup completed. > > Evil! How does the ISP know I'm not running some other protocol > (which is none of its business) on port 25? How does it know that I > don't have a policy reason for accessing some other mail server than > its own? We don't, but your violating IETF standards by doing anything other than smtp on port 25 of tcp. Violating IETF standards is not a good thing to do, and violating an ISP's AUP is also not a good thing to do. The only real reason to run something other than smtp on port 25 is to circumvent firewalls, which can lead to legal prosecussion. ISP's are _not_ common carriers, or at least the courts haven't made up thier minds on this one. > > Don't throw out the baby with the water! If the baby is causing us problems we darn well throw him right out! And we will collect a big chunk of money from them in the process. -- Rod Grimes - KD7CAX - (RWG25) rgrimes@gndrsh.dnsmgr.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199909241637.JAA02838>