Re: [anti-abuse-wg] The well-behaved ISP's role in spamfight

[ox]

On Mon, 13 Feb 2017 22:18:49 +0100
peter h  wrote:
> There is not any req that all customers always should be forced to use
> ISP relays, the default behaviour might be to use ISP relays, and
> to have DHCP given address. But for an extra service one could 
> obtain a fixed address, and as extra service, use port 25.  The main 
> point is to have those "unaware" users, whos computers might be
> stolen, prevented. They won't notice, and they don't get harmed.
> 
there used to be free (and reasonably well maintained) open lists of
dynamic IPv4 ranges. Since everyone started selling (or renting) data,
getting a free (and maintained) list of dynamic ranges, is difficult,
if not impossible - anyone know of any such free list?

> Spam from a fixed ip or range is much easier to detact and correct
> then spam from any box that happens to get an DHCP lease.
> Flexibility and service is the keyword here.
>
in a perfect world only email servers would be sending email. In our
world someone's Android phone could also be an email server & client 
and some "ISP"  loves using dynamic ranges as excuse for poorly
maintained or non responsive abuse systems (or policy enforcement)
  
> Also, to have a AUP that gives the ISP right to disconnect or block
> offenders is importent, and also that the customer has right to
> service. Any aggreement is twofold, both rights and obligations, like
> in society in general.
> 
> I'm glad that spam is recignised as the problem it is and hope a
> renewed activity to claim back the bandwitdh and storage space the
> spammer has taken from us.
> 
> Yours
> 
> 

Re: [anti-abuse-wg] The well-behaved ISP's role in spamfight

[peter h]

On Monday 13 February 2017 18.09, Richard Clayton wrote:
> In message <201702131743.10508.pe...@hk.ipsec.se>, peter h
>  writes
> 
> >The very simplest thing to do is make sure any outbound smtp is relaye 
> >through
> >the ISP's
> >mailrelays, where spam could be detected and subsequently blocked.
> 
> this is very unpopular with legitimate businesses who wish to be fully
> in control of their email sending destiny -- and ISPs generally do not
> wish to discourage the people who cause no trouble and pay their bills
> regularly and on time
> 
> so although "port 25 blocking" is a M3AAWG Best Practice it has not been
> widely adopted with the main (but not only) exception being the large
> consumer ISPs in the US (ISPs in Europe have, for historical reasons,
> had a significant number of business customers mixed in with pure
> consumers and that has made the difference)

There is not any req that all customers always should be forced to use
ISP relays, the default behaviour might be to use ISP relays, and
to have DHCP given address. But for an extra service one could 
obtain a fixed address, and as extra service, use port 25.  The main 
point is to have those "unaware" users, whos computers might be stolen, 
prevented. They won't notice, and they don't get harmed.

Spam from a fixed ip or range is much easier to detact and correct then spam 
from 
any box that happens to get an DHCP lease.  Flexibility and service is the
keyword here.

Also, to have a AUP that gives the ISP right to disconnect or block offenders is
importent, and also that the customer has right to service. Any aggreement
is twofold, both rights and obligations, like in society in general.

I'm glad that spam is recignised as the problem it is and hope a renewed 
activity to claim back the bandwitdh and storage space the spammer has taken 
from us.

Yours


-- 
Peter Håkanson   

There's never money to do it right, but always money to do it
again ... and again ... and again ... and again.
( Det är billigare att göra rätt. Det är dyrt att laga fel. )

Re: [anti-abuse-wg] The well-behaved ISP's role in spamfight

[Sascha Luck [ml]]

On Mon, Feb 13, 2017 at 05:43:09PM +0100, peter h wrote:

The role for an ISP in fighting abuse is to detect and prevent
it's customer from sending malware & spam out of it's network.
Not filter incoming stuff, that would be censoring.


And requiring to submit publications to a third party for
approval prior to sending them is *not* censorship?

rgds,
Sascha Luck

Re: [anti-abuse-wg] The well-behaved ISP's role in spamfight

[Richard Clayton]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

In message <201702131743.10508.pe...@hk.ipsec.se>, peter h
 writes

>The very simplest thing to do is make sure any outbound smtp is relaye through 
>the ISP's 
>mailrelays, where spam could be detected and subsequently blocked.

this is very unpopular with legitimate businesses who wish to be fully
in control of their email sending destiny -- and ISPs generally do not
wish to discourage the people who cause no trouble and pay their bills
regularly and on time

so although "port 25 blocking" is a M3AAWG Best Practice it has not been
widely adopted with the main (but not only) exception being the large
consumer ISPs in the US (ISPs in Europe have, for historical reasons,
had a significant number of business customers mixed in with pure
consumers and that has made the difference)

- -- 
richard   Richard Clayton

Those who would give up essential Liberty, to purchase a little temporary 
Safety, deserve neither Liberty nor Safety. Benjamin Franklin 11 Nov 1755

-BEGIN PGP SIGNATURE-
Version: PGPsdk version 1.7.1

iQA/AwUBWKHoZDu8z1Kouez7EQKegACg5dQkRoa/iAJYEI4QDXu6AkDaL40AnRAO
Ok9QS77z8Acf265vH5lDQf9W
=eO/I
-END PGP SIGNATURE-

Re: [anti-abuse-wg] The well-behaved ISP's role in spamfight

[Suresh Ramasubramanian]

I wish it were that clear cut.  You also have a role to protect your customers 
against threats, and to ensure that their mailbox is at least usable rather 
than deluged with spam.

Being proactive about postmaster complaints and being sensitive to false 
positives in filtering is a useful middle path and a widely defined best 
practice. Never mind that quite a few large players don’t follow it.

--srs

On 13/02/17, 8:43 AM, "anti-abuse-wg on behalf of peter h" 
 wrote:

As my wife urged me to clarify things :-)

The role for an ISP in fighting abuse is to detect and prevent it's customer
from sending malware & spam out of it's network. Not filter incoming
stuff, that would be censoring.

 

[anti-abuse-wg] The well-behaved ISP's role in spamfight

[peter h]

As my wife urged me to clarify things :-)

The role for an ISP in fighting abuse is to detect and prevent it's customer
from sending malware & spam out of it's network. Not filter incoming
stuff, that would be censoring.

A number of means is available for an ISP, most provided that a customer has
signed implicity or in some form a AUP where rules for use of it's services
are stated.

The very simplest thing to do is make sure any outbound smtp is relaye through 
the ISP's 
mailrelays, where spam could be detected and subsequently blocked.

A large number of other measures exists, it's only a matter of priority.

Relying on operating systems ( read MS) to solve spam 
is hopeless, just think of MS track record. And open source won't help either.

Junking SMTP would mean that we loose a independent vendor-independent 
autonomous
decentralized way of exchanging messages. It vwon't stop the bad guys, they can
always find ways around it, but it will stop you and me from freedom to
express ourself and exchange thoughts. 


Thanks for the opportunity to express my thoughts.

-- 
Peter Håkanson   

There's never money to do it right, but always money to do it
again ... and again ... and again ... and again.
( Det är billigare att göra rätt. Det är dyrt att laga fel. )