Hi Burzin,
I wasn't thinking from an individual standpoint, but globally, as in
cooperative efforts by all mail system providers to provide traceability and
valid sender enforcement. I certainly realize that I individually have no
control over others' systems to prevent spam, but with cooperative efforts
between all providers we can make a difference.
Not sure about the second part of your argument regarding FPs and business
risk, and how it relates to this topic. Certainly I've always taken the
stance that we have to err on the conservative side to ensure all legitimate
business correspondence gets delivered, even if it means some spam gets
through.
My point is again that I'd like us to all put our heads together to see what
measures we can initiate that will prevent spam from being sent in the first
place. Outbound port 25 blocking from dynamic addresses is a start, but
would only be partially effective as trojans, open relays, and port
redirectors allow spammers to get around it.
I guess what I was thinking is if we all could come up with a scenario to
all but eliminate spam through cooperation by all providers, we could write
up our recommendations and publish the results to the major players,
lobbyists, and independent and government agencies to try to make it happen.
As I mentioned before I'm wary of efforts that encourage spammers to develop
viruses and worms to circumvent the blocks we put in place, as that could be
a much bloodier battle than the one we're currently in, but here's what I
think the initial pieces to this are. There are obvious holes in this list,
though, and it doesn't completely solve the problem.
1. All SMTP servers verify the sending IP and add it to the headers for
traceability. Some mailservers and ISPs do this, but most do not.
Thankfully, this is something that Declude assists us with.
2. Port 25 blocking for all dynamic addresses with all network providers.
This could cause some problems as I'm sure there are many legitimate
networks that send from internal networks that are only connected via
dynamic addresses, but it seems to be a critical piece to this effort.
Forcing businesses that run internal mail servers to static addresses might
not be a bad thing, though.
3. Globally managed open relay list and blacklist, preferably maintained by
some sort of non-profit internet council. This could help close many open
relays if an authoritative, complete list was formed and maintained. This
organization should be responsive to removal requests, but require the
burden of proof on the petitioner.
4. SMTP AUTH required on all SMTP servers, forcing users to properly
authenticate in order to send. This might help reduce the virus threat.
This is far from foolproof as the virus could use local mail profiles that
have been set up with SMTP AUTH instead of embedding it's own SMTP
component, but it's a start.
I know that this won't be easy, but if we could make it happen, the end
result would be extremely satisfying.
Any comments, or other ideas to add to this list?
Scott, sorry if this is too far off-topic, but I thought this would be a
good community to discuss the possibilities. Let me know if you'd rather we
take this discussion to another list.
Darin.
----- Original Message -----
From: "Burzin Sumariwalla" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, December 15, 2003 11:19 AM
Subject: Re: [Declude.JunkMail] Outbound Port 25, was -> Virginia Indicts
Hi Darin,
For the sake or arguement, I'm assuming one keeps one's server and
up-to-date, patched, and takes prudent efforts to secure these
devices. Most people probably don't secure workstations well enough. The
server side of the equation is too complex.
I don't think you (as an individual) can prevent spam from being sent. You
can only control the email that you send and the actions you take in
response to spam. You as an administator can prevent Spam from being sent
outbound, but beyond securing the server and taking prudent measures your
users are going to have to put up with false positives. Businesses run on
email, and I'm not sure most companies would be willing to take such risks.
Burzin
At 09:12 PM 12/12/2003, you wrote:
>Everyone keep the ideas flowing... maybe we can come up with ideas as to
how
>to keep spam from being sent to begin with.
------
Burzin Sumariwalla Phone: (314) 994-9411 x291
[EMAIL PROTECTED] Fax: (314) 997-7615
Pager: (314) 407-3345
Networking and Telecommunications Manager
Information Technology Services
St. Louis County Library District
1640 S. Lindbergh Blvd.
St. Louis, MO 63131
---
[This E-mail scanned for viruses by Declude Virus]
---
[This E-mail was scanned for viruses by Declude Virus
(http://www.declude.com)]
---
This E-mail came from the Declude.JunkMail mailing list. To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.JunkMail". The archives can be found
at http://www.mail-archive.com.
_____________________________________
[This E-mail virus scanned by 4C Web]
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
---
This E-mail came from the Declude.JunkMail mailing list. To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.JunkMail". The archives can be found
at http://www.mail-archive.com.
