> One could imagine changing the paradigm (never easy) so that > the normal Internet service was proxied for common applications > and NAT'ed for everything else... This wouldn't eliminate all the > problems, but would dramatically cut down the incident rate. > > If a site wants wide-open access, just give it to them. If that turns > out to cause operational problems (due to open mail proxies, spam > origination, etc), then put 'em back behind the relays.
guilty until proven innocent, eh? thanks mr ashcroft. randy
