Home page logo
/

nanog logo nanog mailing list archives

Re: Remote email access
From: "John R Levine" <johnl () iecc com>
Date: 4 Feb 2003 13:50:14 -0500


Blocking "direct-from-dialup" spam is best done on the receiving end,
blocking *unauthenticated* SMTP connections made directly from dial-up
IPs.

If there were a definitive list of dialup and DHCP IP ranges, I might
agree.  But after some years of compiling the MAPS DUL, Pan Am's PDL, the
osirusoft list, and who knows how many others, there isn't, so I don't see
how that's a practical approach.  Blocking outbound SMTP also prevents
relay exploits of unsecured servers that will never be secured, and
there'll never be a definitive list of them, either.

IMHO, to block ALL outbound port 25 traffic
on the sending end is throwing the baby out with the bathwater.

It certainly is, but for most ISPs, there's a very small baby in a huge
tub of spam.  Remember that this whole question only occurs for dialup or
DHCP users who are not using their ISP's mail service.  While that
probably includes just about everyone you and I know, overall, it's a
teensy minority of ISP customers.

Regards,
John Levine, johnl () iecc com, Primary Perpetrator of "The Internet for Dummies",
Information Superhighwayman wanna-be, http://iecc.com/johnl, Sewer Commissioner
"A book is a sneeze." - E.B. White, on the writing of Charlotte's Web


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault