Quoting Jeff Kinz <[EMAIL PROTECTED]>: > On Mon, Mar 31, 2003 at 12:37:49AM -0600, Thomas Charron wrote: > > Since when is forcing an SMTP server to accept your mail a > punishment? > It isn't. Whats happening here is that hundreds, possibly thousands > of people who do NOT have open relays cannot use a standard internet > protocol in the standard, approved fashion. Twenty years of internet > policy are thrown away because AOL/comcast are lazy.
No. They have no other way to reasonably filter things out. This is a very good way to do it, really. Sure, it sucks. I sure loved having a dynamic DNS account setup for MY broadband box, and being able to send and recieve mail there. But they are sure not lazy. They just have no control. SMTP wasn't built for what it's being used for. Just like IRC. And there is no easy way to fix it at all without breaking backward compatibility, which is another biggie in terms of the internet and long standing traditions. > No - but proper cooperative behavior - which includes freely > exchanging > email, is part of the basic nature of the internet and has been for over > twenty > years. It is a fundamental characteristic which makes the internet > so valuable and useful. If it is abridged the entire Internet is > damaged. Sure. It's damaged. And shutting down telnet is just as 'damaging'. Disallowing remote shell access. Damaging. IRC servers crashing worldwide and causing mass netsplits due to a protocol whos time has passed. Damaging. But they aren't saying 'use Lotus notes or exhange'. They're saying 'We dont have a method to trust these IPs, so we're not going too'. > And this is not some vague, theoretical damage. Take a look at > "at Home in the Universe" by Stuart Kauffman or "The collapse of chaos" > by > Cohen and Stewart. The specific emergent characteristics of the > internet are > completely dependent on the uncensored nature of the flow of information > on > the internet. An entity as large as AOL can actually damage that flow > and in so doing will lessen the internet, eventually causing great > harm. Again. They are not stopping email from flowing. They are simply putting up a dam on a river that causes great floods every year. Does it effect the ecology of the net? Yes. Will the waterfowl who used to live in the swampland that the floods caused suffer? Yeppers. Will your house be in danger anymore? Prolly not. Can the waterfowl live someplace else? Yes. Should we dam the river for the greater good? No one knows for sure, but we lived there, and didnt want the flood of spam to fill our basements with water anymore. > Further more - AOL's decision doesn't fix the spam problem. It just > pushes > it somewhere else. Lets really fix the problem. Lets implement an > SMTP > protocol that contains embedded PGP Authentication. No more casual > anonymity. Good idea. Go too it. Make sure to make it backward compatible to millions of existing SMTP servers can still work.. > (Real anonymity has a purpose and will still need to be available > through > anonymous email gateways which are PGP authenticated) You just got done quoting some things which say that interference is bad. What if I want to be completely anonymous, as is the current system. What if I setup that open relay for just that thing.. > > It's not the spammers here. It's the open relays that spammers USE. > It's the > > people who relay. > So is comcast scanning for Open Relays and shutting them down/getting > them > fixed? No - they are implementing a policy that harms more innocent > parties than guilty parties You mean, actively policing the internet? You mean doing what the law now considers 'attacking' a machine? Actively probing and telling you whats ok and not ok? > Do we take away everyone's car because drunk drivers use them too? Do we subject them to active checkpoints with strip searches, and trust them to actively scan for whats considered good versus bad? > But I am not an unknown number - all my mail comes from kinz.org. I > am > available to be held accountable for my emails. > (And I have been, believe me :-) ) And my 8 year old son can get ahold of my credit card, and get a DNS name. DNS is NOT a reliable way to hold the contact liable for anything at all. > At the very least AOL should accept SMTP from registered domains. I > can > understand not accepting it from semi-anonymous dynamically assigned > IP's. And how, pretell, can they tell the difference? > (Come see the violence inherent in the sys-admin! :-) > (http://www.userfriendly.org/cartoons/archives/99mar/uf000427.gif) LOL. I didnt know Pitr worked for comcast? ;-) > > Oh my GOD man. They rejected your SMTP email. Shesh. Since the > protocol has > :-) I'm not comparing the magnitude of immorality in the Pinto > decision to > AOL decision to block residential IP's. I'm saying its the same KIND of > thinking, "We don't care who gets hurt, we are maximizing profit". They dont profit from it. THAT'S the different. They're not saying 'pay us money to accept your SMTP mail'. > > .... Since the protocol has > > no built in method of authentication, this is the best they can do. > You can > > either eat spam, or do something like this. Period. > Hmmm - I don't eat spam - I use Bogofilter. > So lets change the protocol! Takes time. You're right, lets change the protocol. But no one has. They've embraced and extended the protocol, and built on it, but the idea of a solid authentication method was built for things like, well.. Kerebose, etc.. > Again - that doesn't fix the problem. It allows it to grow and get > worse. How? > It "secures" a huge block of innocent peoples internet nodes. Just to > get > relatively few poorly secured systems. How about we sue the hell out > the > people who have open relays and get it well publicized? It is. You can easily get lists. But HOW do you get them fixed? Is it a crime? Not really. SENDING spam is a crime.. Technically, in some places.. > "Gee - if I don't take care to make sure my system can't relay mail it > could > cost me thousands of dollars? I'd better do something!" I wonder if > Norton > has a $35 tool for this? (from the brain of a Wintel PC owner)" 'Where's the any key?' > > You know.. The same reason why some here always include their PGP > signature > > to validate identiy? > Or some don't because its not yet widely enough participated in to be > worthwhile. It needs to become a mandatory part of the mail transport > protocol. Really now. And who, in this open world of the internet, is GOING to make it madatory? The open community could say PGP. Microsoft could say use 'Passport'. Now, who's right? You know, it occursr to me. This sort of authentication is exactly what something like Passport .NET and the such where built for.. OOOhh.. Lookie here.. Worms!!! :-) -- Thomas Charron -={ Is beadarrach an ni an onair }=- _______________________________________________ gnhlug-discuss mailing list [EMAIL PROTECTED] http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
