Home page logo
/

interesting-people logo Interesting People mailing list archives

IIJ "Improves" their service
From: David Farber <dave () farber net>
Date: Thu, 23 Nov 2006 20:35:24 -0500



Begin forwarded message:

From: rod van meter <rdv () tera ics keio ac jp>
Date: November 23, 2006 8:17:10 PM EST
To: dave () farber net
Cc: Rod VanMeter <rdv () tera ics keio ac jp>, bob.hinden () nokia com
Subject: IIJ "Improves" their service

Hi Dave,

For IP, if you wish...

IIJ, Internet Initiative Japan, is one of the oldest and most respected ISPs in the country. I've never used anyone else. But the day before yesterday, they implemented an "improvement" to their network that has me looking for another ISP.

With no prior announcement that I saw, they started blocking outbound SMTP. This means that, all of a sudden, I can't send email from my house, except by using some web-based mail system such as Gmail.

I use three different email accounts that I need outbound SMTP access for. I called IIJ's customer service line, and the woman I talked to suggested that I get all of the systems I use to open up SMTP on another port. Ugh. Like that would solve anything, even if I could get them to do it (which is not at all obvious).

I threatened to cancel my service, and she said that any other ISP I can find will likely either already have port 25 blocked, or be doing so in the near future. It's an anti-spam measure recommended by the Japan Email Anti-Abuse Group (JEAG).

I haven't been this angry about some utility in a long time...

Press release at http://www.iij.ad.jp/en/pressrelease/2006/1114.html

I suspect many IPers have run into this same problem with their ISP. How have they handled it? SMTP over port-forwarded SSH? Some other form of VPN to their "home" network?

(This kind of action by ISPs, in my opinion, is just forcing more of the Internet's true functionality to be carried over port 80, encoded in XML, where it is arguably harder to parse and filter for "bad" behavior. I read a book on SOAP a few years ago that said that RPC was open to various forms of abuse and was difficult to get through firewalls, therefore doing RPC over SOAP was a big improvement. Based on that description, I couldn't see any improvement except a change in the formatting from a binary-encoded RPC to a less efficient ASCII-encoded RPC, carried over a different port and session manager. (I presume SOAP has some actual benefits, but they certainly weren't clear from that book.)

In case it isn't obvious, I'm not a big fan of firewalls (nor of NAT); I'm a believer in end-system security (I know, that still doesn't stop those who intentionally spam). I guess that puts a big "Old School Curmudgeon" sticker on my forehead.

This will probably earn me some email from those working for ISPs, complaining that I'm not the one who has to live with the day-to-day management of the networks, and they're right. My right to complain is limited; I got out of system and network management before spam ate the entire planet, but I do remember dealing with Robert Morris's worm.)

  --Rod


-------------------------------------
You are subscribed as lists-ip () insecure org
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/


  By Date           By Thread  

Current thread:
  • IIJ "Improves" their service David Farber (Nov 24)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault