Mike Holling wrote:
> > > Can u define anonymous?? (something that doesn't isn't reversed resolved?)
> >
> > Yes I can. If there is no reverse name, that is anonymous. Also, if there
> > is a reverse name, but it has a generic pattern with number sequences and
> > does not identify any particular domain other than the ISP, then that, too,
> > is anonymous.
>
> Just as I've feared, someone has already made the leap from "known analog
> dialup pool" to "anything that looks like a dialup pool". This includes
> ADSL and cablemodem pools as well.
It's not a leap at all. Having called it "dialup" in the first place was
simply incorrect. The problem is that these are "anonymous unauthenticated
sources". Analog dialup, ISDN dialup, *DSL, cable modem, and even T1, can
all fall into this category.
Note that I say "can". None of these circuit technologies actually has to
be "anonymous unauthenticated". The blocking is not applied to the type of
connection in terms of the physical technology, but rather, it is applied
to the LACK OF authentic identity.
So there's been no leap at all.
> > with a real name (even a 3rd level domain name is fine) and real
> > MX records, then it won't look like what we have been referring to
> > as "dialup".
>
> Hmm, just to spite this idea, I may have all the dialups I administer
> resolve to names that don't look like generic dialups:
> "cat.du.example.com", "parrot.du.example.com". If you're going to make it
> harder for me to send mail from my dedicated non-dialup IP that happens to
> "look" like a dialup to you, then I'll make it harder for you to generate
> a pattern that effectively filters dialup hostnames. It's easier for me
> to take steps to break your system and make it ineffective, than jump thru
> extra hoops so the computer connecting to your mailer has a hostname you
> like.
If I get spam from cat.du.example.com I'll block it. If that IP address is
one that can randomly be assigned to many different people, then sometimes
they will, and sometimes they will not, get mail through if they do direct.
If you have a spammer in your midst, likely they will later end up with the
address for parrot.du.example.com, and spam from there. As soon as I get
spam from parrot.du.example.com, then I will block du.example.com. That
will affect them all. While I won't get to block the first couple of spams
as a result of an unobvious pattern, it will eventually get blocked.
So far I do not block by just there being a pattern. I do block by specific
domains that appear to be spam sources. If the ISP puts those names in a
separate subdomain, I can block them by the subdomain without affecting mail
from their actual mail servers. By that means I can block du.example.com as
soon as I notice that the whole domain is the source. OTOH, if you did not
provide that subdomain "du", then I would have to end up blocking the whole
domain, and it would be your fault for not providing distinctiveness (and for
allowing the spammers to send filth in the first place).
--
Phil Howard | [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
phil | [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
at | [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
ipal | [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
dot | [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
net | [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
