blackhole spam => mail unreliability (Re: A Trial Balloon to Ban Email?)
Anne & Lynn Wheeler
lynn at garlic.com
Fri May 9 22:35:36 PDT 2003
Currently ISPs typically "notice" when they get complaints. ISPs could do a
much better job of actively noticing and limiting mail at ingress ... as
opposed to waiting for somebody to complain and canceling the account. Many
of the recent statements about ISPs can't limit email at ingress
dynamically are similar to the comments about not being able to filter
ingress packets if their origin address didn't match the ip address of the
sender (as stated in the original posting) ... per the ingress packet
filtering RFC referenced in the original post.
My original post mentioned that the ISPs could then do their own effort of
blacklisting (of other ISPs). Currently spam blacklists can be somewhat
like vigilantes .... with the argument analogy that since vigilantly
justice can make mistakes then there shouldn't be any highway patrol, FBI,
and/or secret service. ISPs would be expected to filter on ingress of email
from their own customers .... and even if the 10 top ISPs blacklisted other
ISPs that didn't do a reasonable job of ingress filtering ... it could
start to put a big dent in the spamming business, possibly cutting it from
40-80% of existing email down under 5-10%. It is sort of like stop signs
and stop lights .... there are typically hundreds of more intersections
than there are traffic enforcers .... however with sufficient leverage ...
it can significantly improve the situation ... even if it can be proved
that it can't, absolutely, 100% guarantee one hundred percent compliance.
I didn't make any statement about ISPs attempting to identify spammers when
they register the account .... the original post was only with regard to
ISPs doing active email ingress filtering. My ISP recognizes and bills me
extra if I'm simultaneously connected multiple times ... there is a little
latitude for modem hanging, my dropping the line ... but the modem not
reporting it ... and my connecting on a different modem. It also does
traffic load-leveling if I really try and hit it hard. If it can bill extra
for simultaneous connects and traffic load leveling, it can do both packet
ingress filtering and email ingress filtering.
past thread drawing the analogy that the information superhighway is
something like the wild west .... w/o traffic rules, traffic signs, traffic
lights, speed limits, and enforcement. start with a couple hundred people
in town .... and went to millions ... and there still isn't even any rule
about which side of the road people should be driving on.
http://www.garlic.com/~lynn/2001m.html#30 Internet like city w/o traffic
rules, traffic signs, traffic lights and traffic enforcement
At 06:02 AM 5/10/2003 +0100, Adam Back wrote:
>On Fri, May 09, 2003 at 10:11:52AM -0600, Anne & Lynn Wheeler wrote:
> > So it is much easier for ISPs to have lists of other trusted &/or
> > untrusted ISPs that they will accept email from.
>
>Any internet user needs to be able to send mail to any other internet
>user. Which means the default has to be open (blacklists rather than
>whitelists). Then you have the blackhole lists like ORBs etc, which
>block domains used predominantly by spammers. But the problem is
>spammers don't stay in one place, they buy service from ISPs and spam
>flat-out until the ISP notices and cancels the account. Some ISPs are
>more grey -- they want to make money from spammers by providing them
>service, and some ISPs just don't notice or respond that quickly. The
>ISP can't distinguish spammers from non-spammers when they receive
>customer orders. The blackhole people are arbitrary vigilantes by and
>large, so the overall effect you might argue does reduce spam, but it
>also results in lost mail.
>
>My experience was I couldn't get mail from my brother who was using
>btinternet, one of the largest ISPs in the UK because some idiot
>blackholer blackholed their dynamic IPs. Not doubt there were at some
>time some spammers using BTinternet as with just about any other ISP.
>Recently I couldn't receive mail from John Gilmore, and so it goes.
>
>So I don't see how this is a "solution", rather it is just a broken
>countermeasure with scatter gun fall-out of false positives for all
>the other people who find themselves sharing the same ISP as spammers
>long enough for the blackhole people to add them.
>
>Adam
--
Anne & Lynn Wheeler http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
More information about the cypherpunks-legacy
mailing list