Re: I don't trust 'em.
>We hope you enjoy your visit to our timeline. Around here, static IPs >cost about another $5 a month (that's the rate currently quoted at >www.visi.com, for example, as well as the number in my memory, and the >number reported on this list by a number of other people). And for >ADSL, at least one local ISP (a different one) does them ALL as static >IPs by default. (I'm in Minneapolis MN). This is unfortunately not a valid comparison. ISPs that started business 3 or 4 years ago had no problem getting massive blocks of IP addresses for their own use (a few places got entire /16s with virtually no justification). Today getting IPs is extremely difficult. We have around 1000 dialup ports, and can therefore justify a need for at least 1000 IPs, but it took a lot of cajoling to get just that. We aren't in a position to give away static IPs to dialup customers at any practical price. We have to conserve them for our dedicated and DSL customers because we can't guarantee that we'll get any more later. Unfortunately the people administering the IP address space kinda screwed up early on in their allocations, and now there's no real way to get the unused IP blocks back. Water under the bridge I guess. The point is that static IPs don't cost $5 at every ISP; they aren't even available at many, many ISPs. shag
Re: I don't trust 'em.
Tim Pierce <[EMAIL PROTECTED]> writes on 2 February 1999 at 13:05:26 -0500 > On Tue, Feb 02, 1999 at 05:22:47AM -0500, Cris Daniluk wrote: > > And what's to stop someone from buying a > > static IP from their ISP with its own lovely domain and spamming the world > > freely? > > The economics of static IP discourage it. ISPs in the U.S. often > charge $200-300 in setup fees for static IP addresses, and typically > an additional $100 per month. The spammer would have to be pretty > sure that they would gross at least $400 per spam run in order to make > it worthwhile, and I would guess that most spammers don't see anything > close to that. We hope you enjoy your visit to our timeline. Around here, static IPs cost about another $5 a month (that's the rate currently quoted at www.visi.com, for example, as well as the number in my memory, and the number reported on this list by a number of other people). And for ADSL, at least one local ISP (a different one) does them ALL as static IPs by default. (I'm in Minneapolis MN). -- David Dyer-Bennet [EMAIL PROTECTED] http://www.ddb.com/~ddb (photos, sf) Minicon: http://www.mnstf.org/minicon http://ouroboros.demesne.com/ The Ouroboros Bookworms Join the 20th century before it's too late!
Re: I don't trust 'em.
On Tue, 2 Feb 1999, Tim Pierce wrote: > On Tue, Feb 02, 1999 at 05:22:47AM -0500, Cris Daniluk wrote: > > And what's to stop someone from buying a > > static IP from their ISP with its own lovely domain and spamming the world > > freely? > > The economics of static IP discourage it. ISPs in the U.S. often > charge $200-300 in setup fees for static IP addresses, and typically > an additional $100 per month. The spammer would have to be pretty > sure that they would gross at least $400 per spam run in order to make > it worthwhile, and I would guess that most spammers don't see anything > close to that. I don't charge any kind of setup fee for a static IP, just $5/mo. However, when someone requests a static IP, it perks up my ears and I ask alot more questions and emphasize our terms. Domains incur setup fees, though. Nobody's claiming this will stop spam, just make it that much more difficult. That's all we can do. James SmallacombeInternet Access for The Delaware [EMAIL PROTECTED]Valley in PA, NJ and DE PlantageNet Internet Ltd.http://www.pil.net = ISPF 2.0b, The Forum for ISPs by ISPs. San Diego, CA, March 8-10 '99 Three days of clues, news, and views from the industry's best and brightest. http://www.ispf.com for information and registration. =
Re: I don't trust 'em.
On Tue, Feb 02, 1999 at 05:22:47AM -0500, Cris Daniluk wrote: > And what's to stop someone from buying a > static IP from their ISP with its own lovely domain and spamming the world > freely? The economics of static IP discourage it. ISPs in the U.S. often charge $200-300 in setup fees for static IP addresses, and typically an additional $100 per month. The spammer would have to be pretty sure that they would gross at least $400 per spam run in order to make it worthwhile, and I would guess that most spammers don't see anything close to that. > Or relaying off of some server 2 thousand miles away that doesn't > block relays? Some mail servers cant (for example sites like yahoo.com who > have mail gateways... by the way, about 50-60% of spam I receive comes from > "trusted" mail servers on mail gateways like this). More and more spammers are > putting "ADV:" in their topics as is required by law and more and more are > also sending "To be removed" messages. While the to be removed messages don't > really work half the time, I think it is safe to say that a well constructed > message filter could be made to block these out, if not on the MUA level, on > the mail server level. In fact, our system-wide procmail filters include almost 200 recipes for blocking spam based on patterns in the message body. These include the Murkowski disclaimer, text like "hit reply to remove," "we are sorry if you have received this in error," "we are a responsible bulk emailer," "this is only an opt-in list," and other spammers' weasel words. We have a great deal of experience trying to block spam using full-text filters. The truth of the matter is that you can indeed stop a fairly high proportion of spam this way, but not enough to make it worthwhile to analyze the spam text and write new filters. Even 40% of a flood is still a deluge. -- Regards, Tim Pierce RootsWeb Genealogical Data Cooperative system obfuscator and hack-of-all-trades
Re: I don't trust 'em.
So many misconceptions, so little time... On Tue, Feb 02, 1999 at 05:22:47AM -0500, Cris Daniluk wrote: } } You assume an ISP would do this. Really? That's an awful lot of work for } something an Inbox filter would stop. And what's to stop someone from buying a } static IP from their ISP with its own lovely domain and spamming the world } freely? The terms of the contract they sign with the ISP that gives them the static domain. The same thing that eventually stopped Samford Wallace (which is a vast oversimplfication, but...). If the ISP is a spambone, it can easily be blocked. (One of the only useful features of iemmc.org was that you could block it because you knew it was all-spam-all-the-time.) If the ISP is responsible, the spammer gets shut down. } Or relaying off of some server 2 thousand miles away that doesn't } block relays? ORBS. And convincing admins to shut down their open relays. } Some mail servers cant (for example sites like yahoo.com who } have mail gateways... by the way, about 50-60% of spam I receive comes from } "trusted" mail servers on mail gateways like this). I *really* doubt this. The spam may *say* in the From: line that it's from @yahoo.com, but you can't trust anything in a spam. The only things you can trust are the entries in your logs and the few lines of the header that your own qmail puts there. Most spam that I get from bogus @yahoo.com and @hotmail.com addresses are actually sent via relay rape of machines having nothing to do with yahoo or hotmail. } More and more spammers are } putting "ADV:" in their topics as is required by law and more and more are } also sending "To be removed" messages. There is no national law on spam. } While the to be removed messages don't } really work half the time, I think it is safe to say that a well constructed } message filter could be made to block these out, if not on the MUA level, on } the mail server level. What they do when you reply to one is show the spammer that your address actually works. That's valuable information to them, and insures that you'll get more spam. } } -- } Cris Daniluk [EMAIL PROTECTED] } - } Digital Services Network, Inc. http://www.dsnet.net } 1129 Niles-Cortland Road, Warren, Ohio 44484 [EMAIL PROTECTED] } (330) 609-8624 ext. 20 Fax (330) 609-9990 } The Web Hosting Specialists } - } } } -- Paul J. Schinder NASA Goddard Space Flight Center [EMAIL PROTECTED]
Re: I don't trust 'em.
Russell Nelson wrote: > Mike Holling writes: > > Exactly. The implicit assumption being promoted here is that an ISP's > > mail server is somehow more "legitimate" than an arbitrary mailserver on > > the Internet. As Russ has just demonstrated, there is quite a bit of > > legitimate mail transacted on non-ISP servers. > > Why should I trust J. Random SMTP client to be non-abusive? You're > trying to convince me that I should trust *all* SMTP clients equally. > You're going to fail at that, because some have PROVEN themselves not > worth of trust. I have the evidence of my own eyes -- the spam in my > mailbox. > > How does one develop trust? Through credentials -- a chunk of > information that says that you are who you say you are. How do the > credentials become believable? Because of the reputation of the > issuing institution. > > Machines with static IP addresses have a credential -- the > correspondance between name and number. Muncher.math.uic.edu has > proven itself trustworthy. How do I know it is muncher? By it's IP > address, and by the reverse DNS record that identifies it as muncher. > Could someone forge muncher's identity? Yes, by DNS spoofing. That > is too much work for spammers, however. > > Unfortunately for the legitimate users, dialup users have proven > themselves untrustworthy, because they are at the moment of connection > anonymous. How can they generate the necessary trust? Well, for one, > by having a DNS record which identifies them as trustworthy. Their > ISP can issue them a address from a pool which is trusted, once they > have proven their trust. Or vice-versa, a new or trial user would be > given an address in a pool which is not trusted. > > Another way they could be trusted is by going through a proxy. This > proxy runs on a host with a credential, and allows access only to > trusted SMTP clients. > > I'm sure that there are other methods for developing trust. One thing > is for sure: you can't trust random SMTP clients. This is not your > father's ARPANet, where all hosts were by definition trusted. > > -- > -russ nelson <[EMAIL PROTECTED]> http://crynwr.com/~nelson > Crynwr supports Open Source(tm) Software| PGPok | There is good evidence > 521 Pleasant Valley Rd. | +1 315 268 1925 voice | that freedom is the > Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | cause of world peace. You assume an ISP would do this. Really? That's an awful lot of work for something an Inbox filter would stop. And what's to stop someone from buying a static IP from their ISP with its own lovely domain and spamming the world freely? Or relaying off of some server 2 thousand miles away that doesn't block relays? Some mail servers cant (for example sites like yahoo.com who have mail gateways... by the way, about 50-60% of spam I receive comes from "trusted" mail servers on mail gateways like this). More and more spammers are putting "ADV:" in their topics as is required by law and more and more are also sending "To be removed" messages. While the to be removed messages don't really work half the time, I think it is safe to say that a well constructed message filter could be made to block these out, if not on the MUA level, on the mail server level. -- Cris Daniluk [EMAIL PROTECTED] - Digital Services Network, Inc. http://www.dsnet.net 1129 Niles-Cortland Road, Warren, Ohio 44484 [EMAIL PROTECTED] (330) 609-8624 ext. 20 Fax (330) 609-9990 The Web Hosting Specialists -
Re: I don't trust 'em.
On Tue, Feb 02, 1999 at 04:15:53AM -, Russell Nelson wrote: > Mike Holling writes: > > Exactly. The implicit assumption being promoted here is that an ISP's > > mail server is somehow more "legitimate" than an arbitrary mailserver on > > the Internet. As Russ has just demonstrated, there is quite a bit of > > legitimate mail transacted on non-ISP servers. > > Machines with static IP addresses have a credential -- the > correspondance between name and number. Muncher.math.uic.edu has > proven itself trustworthy. How do I know it is muncher? By it's IP > address, and by the reverse DNS record that identifies it as muncher. > Could someone forge muncher's identity? Yes, by DNS spoofing. That > is too much work for spammers, however. If it works, they might learn Greetz, Peter. -- .| Peter van Dijk .| [EMAIL PROTECTED]
Re: I don't trust 'em.
Russ Allbery writes: > Russ Nelson <[EMAIL PROTECTED]> writes: > > > Unfortunately for the legitimate users, dialup users have proven > > themselves untrustworthy, because they are at the moment of connection > > anonymous. How can they generate the necessary trust? Well, for one, > > by having a DNS record which identifies them as trustworthy. Their ISP > > can issue them a address from a pool which is trusted, once they have > > proven their trust. Or vice-versa, a new or trial user would be given > > an address in a pool which is not trusted. > > There's a problem with this method of going at things. The problem is > that people really don't have a clear idea of which pools at an ISP are > trusted and which aren't, so they just block everything that looks like a > dialup to them. The result is that there is absolutely no incentive for > an ISP to go to the work of setting up two separate pools, since the > people blocking spam would just block them both anyway. That's why the ISP names the one pool .dialup.isp.com, and the other .trusted.isp.com. Then we can use qmail-smtpd modified by my BOUNCEMAIL patch found in http://www.qmail.org/rbl, *or* Dan's rblsmtpd as-is. Use tcpserver modified by Chuck Foster's patch to lookup names, and add .dialup.isp.com:allow,BOUNCEMAIL="521 I do not accept mail from dialups" or .dialup.isp.com:allow,RBLSMTPD="-I do not accept mail from dialups" Note: it's insecure to use Chuck's patch to *allow* services by name. It's perfectly fine to use it to *deny* services, though. Who would bother breaking security to deny themselves service?? Auto-DOS attack. :) "Stop me before I stop myself again!" The other thing the ISP can do is add their untrusted dialups to the DUL. -- -russ nelson <[EMAIL PROTECTED]> http://crynwr.com/~nelson Crynwr supports Open Source(tm) Software| PGPok | There is good evidence 521 Pleasant Valley Rd. | +1 315 268 1925 voice | that freedom is the Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | cause of world peace.
Re: I don't trust 'em.
Russell Nelson <[EMAIL PROTECTED]> writes: > Unfortunately for the legitimate users, dialup users have proven > themselves untrustworthy, because they are at the moment of connection > anonymous. How can they generate the necessary trust? Well, for one, > by having a DNS record which identifies them as trustworthy. Their ISP > can issue them a address from a pool which is trusted, once they have > proven their trust. Or vice-versa, a new or trial user would be given > an address in a pool which is not trusted. There's a problem with this method of going at things. The problem is that people really don't have a clear idea of which pools at an ISP are trusted and which aren't, so they just block everything that looks like a dialup to them. The result is that there is absolutely no incentive for an ISP to go to the work of setting up two separate pools, since the people blocking spam would just block them both anyway. What I'd like people to do is think. The response I seem to get a lot is "it's too much work to think and track and figure out how ISPs are doing things, so I'll just not think, since it works 99% of the time anyway." And you know, I really can't argue with that. Except to say that there's a limit to how far I'm personally willing to go in "fighting spam" and if the time comes that people want me to jump through more hoops than I'm willing to get mail delivered to them, I just won't. And then I suppose I'll find out whether those people will miss my contributions to the Internet more than I'll miss theirs. And with that, I'll stop responding to this thread, as I'm sure this is annoying lots of people by now. -- Russ Allbery ([EMAIL PROTECTED]) http://www.eyrie.org/~eagle/>
I don't trust 'em.
Mike Holling writes: > Exactly. The implicit assumption being promoted here is that an ISP's > mail server is somehow more "legitimate" than an arbitrary mailserver on > the Internet. As Russ has just demonstrated, there is quite a bit of > legitimate mail transacted on non-ISP servers. Why should I trust J. Random SMTP client to be non-abusive? You're trying to convince me that I should trust *all* SMTP clients equally. You're going to fail at that, because some have PROVEN themselves not worth of trust. I have the evidence of my own eyes -- the spam in my mailbox. How does one develop trust? Through credentials -- a chunk of information that says that you are who you say you are. How do the credentials become believable? Because of the reputation of the issuing institution. Machines with static IP addresses have a credential -- the correspondance between name and number. Muncher.math.uic.edu has proven itself trustworthy. How do I know it is muncher? By it's IP address, and by the reverse DNS record that identifies it as muncher. Could someone forge muncher's identity? Yes, by DNS spoofing. That is too much work for spammers, however. Unfortunately for the legitimate users, dialup users have proven themselves untrustworthy, because they are at the moment of connection anonymous. How can they generate the necessary trust? Well, for one, by having a DNS record which identifies them as trustworthy. Their ISP can issue them a address from a pool which is trusted, once they have proven their trust. Or vice-versa, a new or trial user would be given an address in a pool which is not trusted. Another way they could be trusted is by going through a proxy. This proxy runs on a host with a credential, and allows access only to trusted SMTP clients. I'm sure that there are other methods for developing trust. One thing is for sure: you can't trust random SMTP clients. This is not your father's ARPANet, where all hosts were by definition trusted. -- -russ nelson <[EMAIL PROTECTED]> http://crynwr.com/~nelson Crynwr supports Open Source(tm) Software| PGPok | There is good evidence 521 Pleasant Valley Rd. | +1 315 268 1925 voice | that freedom is the Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | cause of world peace.