Re: [swinog] Re: blocking ports?
On the Wed, Apr 11, 2007 at 02:31:30PM +0100, jonathan blubbered: Hi. > Sorry but I disagree with Per. ISPs have a duty to prevent email Spam > which is a terrible curse for us all. If they decide that blocking port > 25 outbound will help then they should do it. > > If you are a user, why can't you use the ISPs relay server? If you are a > provider you ought to have your own mail server on a fixed IP address. What good is blocking port 25 for outgoing mail anyway, if your mailserver is as open as a barn door? Furthermore, what does a spammer care? He relays his spam through dozens or hundreds of zombie hosts, which in turn relay the spam through their providers MX relay, filling up the queue and entering the MX into every imaginable blacklist existing. I hope, this will answer your question, why someone does not necessarily wants to use the ISPs relay server at all costs. CU, Venty -- Osama bin Laden ist immer noch frei, aber bist Du es auch noch? Verschluessel deine Mails, benutz GnuPG! http://www.gnupg.org/index.html.de ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Re: blocking ports?
: You'd be amazed how many companies operate their own : mail servers, even behind dynamic addresses I'm speaking with guys in my company on an issue and part of the discussion has to do with me saying no one runs a mail server from behind a dynamic IP addresses. Other than just your experiences, does anyone have pointers to data on folks that do this? scott --- [EMAIL PROTECTED] wrote: From: Markus Wild <[EMAIL PROTECTED]> To: swinog@swinog.ch Subject: Re: [swinog] Re: blocking ports? Date: Wed, 11 Apr 2007 19:26:39 +0200 Jonathan, > Sorry but I disagree with Per. ISPs have a duty to prevent email > Spam which is a terrible curse for us all. If they decide that > blocking port 25 outbound will help then they should do it. > > If you are a user, why can't you use the ISPs relay server? If you > are a provider you ought to have your own mail server on a fixed IP > address. You'd be amazed how many companies operate their own mail servers, even behind dynamic addresses (in which case they usually use some mailbox polling mechanism to feed their server from mail from the outside), but send outgoing mail directly with SMTP. > Of course, one day we need a better protocol than SMTP (*Simple* Mail > Transfer Protocol) which was never meant as a global email solution. > But until then we have to do something to stop people abusing it. But by killing the payload, not the messenger, please... Cheers, Markus ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Re: blocking ports?
Adrian Ulrich wrote: >> Seems to me that the benefit of cutting down on Spam would be worth the >> trouble of using port 587... > > Blocking port 25 is just a quick-n-dirty 'fix'. > > What will happen when virus-writers are going to spam using 587 (The > credentials are stored on the users PC anyway..)? Well, the point with submission (587) is that it is authenticated. As such it is very easy to pinpoint which exact user is doing this. Of course now they could steal the credentials and send it over their botnet to another host (oh oh I give ideas away ;) but it should be fairly easy for the ISP to block that single account from spamming the world. Much easier than "oh that IP, where did that hacked dsl line asking for a new dhcp go to" which is also easy with the right management tools but clearly no ISP seem to have that. At least not the ones that need it, the clued ones do have those mechanisms in place and either filter that specific customer directly putting them into a quarantine zone and/or call the customer up. [..] > Spam will be there as long as you can make money with it. Yep ;) Greets, Jeroen signature.asc Description: OpenPGP digital signature ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Re: blocking ports?
> Seems to me that the benefit of cutting down on Spam would be worth the > trouble of using port 587... Blocking port 25 is just a quick-n-dirty 'fix'. What will happen when virus-writers are going to spam using 587 (The credentials are stored on the users PC anyway..)? What would people do to stop blog-spamming? Blocking port 80 sounds like fun. Spam will be there as long as you can make money with it. -- RFC 1925: (11) Every old idea will be proposed again with a different name and a different presentation, regardless of whether it works. ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Re: blocking ports?
On Wednesday 11 April 2007 19:26:39 Markus Wild wrote: > You'd be amazed how many companies operate their own mail servers, even > behind dynamic addresses (in which case they usually use some mailbox > polling mechanism to feed their server from mail from the outside), but > send outgoing mail directly with SMTP. Which after all is still quite possible if they use the ISP's MX as smart host which they should do anyhow considering how many people outright block mails from dynamic IPs. Seems to me that the benefit of cutting down on Spam would be worth the trouble of using port 587... pgpjjMdrd7Unv.pgp Description: PGP signature ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Re: blocking ports?
Jonathan, > Sorry but I disagree with Per. ISPs have a duty to prevent email > Spam which is a terrible curse for us all. If they decide that > blocking port 25 outbound will help then they should do it. > > If you are a user, why can't you use the ISPs relay server? If you > are a provider you ought to have your own mail server on a fixed IP > address. You'd be amazed how many companies operate their own mail servers, even behind dynamic addresses (in which case they usually use some mailbox polling mechanism to feed their server from mail from the outside), but send outgoing mail directly with SMTP. > Of course, one day we need a better protocol than SMTP (*Simple* Mail > Transfer Protocol) which was never meant as a global email solution. > But until then we have to do something to stop people abusing it. But by killing the payload, not the messenger, please... Cheers, Markus ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: AW: [swinog] Re: blocking ports?
Jonathan wrote: > Sorry but I disagree with Per. ISPs have a duty to prevent email Spam > which is a terrible curse for us all. If they decide that blocking > port 25 outbound will help then they should do it. Just for the record - I don't have any problem with ISPs blocking ports or otherwise offering a restricted service. That is something for the ISP to decide. Where I have a problem is when such an ISP does not very clearly make people aware of this - quite often such restrictions are hidden under various obscure clauses in the AGBs. > If you are a user, why can't you use the ISPs relay server? If you are > a provider you ought to have your own mail server on a fixed IP > address. In the case I mentioned, we were on a business line with a range of fixed IPs, but the blocking of port 25 was introduced over all, and the ISP refused to make exceptions, so we cancelled the line immediately (after finding a more flexible provider). /Per -- /Per Jessen, Zürich ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
AW: [swinog] Re: blocking ports?
Jonathan, Customers don't have just one email address, they have a private one (maybe several) and some from the company. Then they are changing the location from home to the office an back with their notebook. Maybe their mail provider is not the same as the internet service provider. So they want to use the mail server from their mail provider (With authentication of course) You cannot really expect, that they reconfigure the mail client every time they change the location. (But there is still Port 587!) Radek -Ursprüngliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von jonathan Gesendet: Mittwoch, 11. April 2007 15:31 An: swinog@swinog.ch Betreff: Re: [swinog] Re: blocking ports? Sorry but I disagree with Per. ISPs have a duty to prevent email Spam which is a terrible curse for us all. If they decide that blocking port 25 outbound will help then they should do it. If you are a user, why can't you use the ISPs relay server? If you are a provider you ought to have your own mail server on a fixed IP address. Of course, one day we need a better protocol than SMTP (*Simple* Mail Transfer Protocol) which was never meant as a global email solution. But until then we have to do something to stop people abusing it. Just my 2p worth Jonathan Safe Host Geneva Per Jessen wrote: > Scott Weeks wrote: > > >> -From: Jeroen Massar <[EMAIL PROTECTED]>- >> : To avoid problems there, make a simple policy: if found >> : spreading a virus/spamming and having disabled the blockage: >> : no Internet for a week. Or a similar measure that can of >> : course be lifted after paying a fine. >> >> Wouldn't that make customers go to another comany for service? >> > > Most probably. About three years ago, prior to us becoming a service > provider ourselves, we were "just" a customer, and had to sack our > provider when they decided to reduce their service by blocking port 25. > > Personally, I believe any and all restrictions on an internet connection > must be be very clearly and very obviously stated in the product/ > service description, and that is something many ISPs neglect to do. > > > /Per > > > ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Re: blocking ports?
Sorry but I disagree with Per. ISPs have a duty to prevent email Spam which is a terrible curse for us all. If they decide that blocking port 25 outbound will help then they should do it. If you are a user, why can't you use the ISPs relay server? If you are a provider you ought to have your own mail server on a fixed IP address. Of course, one day we need a better protocol than SMTP (*Simple* Mail Transfer Protocol) which was never meant as a global email solution. But until then we have to do something to stop people abusing it. Just my 2p worth Jonathan Safe Host Geneva Per Jessen wrote: Scott Weeks wrote: -From: Jeroen Massar <[EMAIL PROTECTED]>- : To avoid problems there, make a simple policy: if found : spreading a virus/spamming and having disabled the blockage: : no Internet for a week. Or a similar measure that can of : course be lifted after paying a fine. Wouldn't that make customers go to another comany for service? Most probably. About three years ago, prior to us becoming a service provider ourselves, we were "just" a customer, and had to sack our provider when they decided to reduce their service by blocking port 25. Personally, I believe any and all restrictions on an internet connection must be be very clearly and very obviously stated in the product/ service description, and that is something many ISPs neglect to do. /Per ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
[swinog] Samsung SCM-140U Cable Modems
Hi All Anyone using those SCM-140 modems? Please contact me offlist! cheers, michel ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
[swinog] Re: blocking ports? (was: does Econophone block port25)
Scott Weeks wrote: > -From: Jeroen Massar <[EMAIL PROTECTED]>- > : To avoid problems there, make a simple policy: if found > : spreading a virus/spamming and having disabled the blockage: > : no Internet for a week. Or a similar measure that can of > : course be lifted after paying a fine. > > Wouldn't that make customers go to another comany for service? Most probably. About three years ago, prior to us becoming a service provider ourselves, we were "just" a customer, and had to sack our provider when they decided to reduce their service by blocking port 25. Personally, I believe any and all restrictions on an internet connection must be be very clearly and very obviously stated in the product/ service description, and that is something many ISPs neglect to do. /Per -- /Per Jessen, Zürich ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] SwiNOG-14
SwiNOG-14 (30-05-2006) Registration is OPEN Hmm I think that you need to update your static content in the script ;-) s/2006/2007 http://www.spale.com/cgi-bin/swinogreg Chris. >>> Pascal Gloor <[EMAIL PROTECTED]> 10.04.2007 14:28 >>> Dear SwiNOGers, SwiNOG 14 will be held as usualy at the Altestramdepot in Bern. The meeting date is the 30.05.2007 Registration form: http://www.swinog.ch/meetings/registration.asp General meeting information: http://www.swinog.ch/meetings/swinog14/index.asp Cheers, Pascal The SwiNOG-Core Team ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
[swinog] Looking for Cisco Switches...
Hi folks For a temporary installation for a customer i'm looking for Cisco Switches with at least FE-Ports. Some 2900 or better are fine. If you have something to sale, please send an offer to me (off-list). Thanks & best wishes, Matthias _ mhs @ internet AG Zürcherstrasse 204, CH - 9014 St. Gallen Phone +41 71 274 93 93, Fax +41 71 274 93 94 http://www.mhs.ch _ ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog