richb01803
Rich
join:2001-02-14
02100
| Blocking port 25? Privacy invasion!
I for one would not want my email to flow through an ISP's mail server!
Forgetting the issue of how non-scalable most mail servers are, and therefore how prone to outages they are, do you really want all your email flowing through a Carnivore data-sucking attachment directly into the watchful eyes of a government or an ISP?
The folks in Beijing and Bhagdad must be clapping their hands in glee that even those of us in 'enlightened' countries are mere sheep who will accept any kind of privacy-threatening policy so long as the bureaucrats label it as something other than what it truly is. |
|
richb01803
Rich
join:2001-02-14
02100
|  Verizon's is actually the more-sensible approach
Re-reading the summary on this, I can't see why one would disagree with Verizon's policy on this matter.
They aren't restricting users on their network from receiving mail from anyone. They are restricting users of Verizon's SMTP gateways from sending email which is tagged with a From address other than that email server itself.
That's eminently sensible.
If you want to use a domain name other than one of the Verizon domains, then you should set up your own mail server for outbond mail (a typical Linux box will do fine), and/or pick up your mail from some other site.
Verizon's policy will probably affect 0.0001% of legitimate mail users: if you've got your own domain name, you're in all likelihood not using Verizon's mail servers to receive your mail, so the impact will be to get you to pay attention to how your software is configured to send outbound email.
The Earthlink policy, on the other hand, is one I object to strenuously. |
|
KoolMoe
Aw Man
Premium
join:2001-02-14
Annapolis, MD
clubs:
 ·Verizon FIOS
 ·Speakeasy
| As far as privacy concerns go, I have to agree that Earthlink's new policy kinda sucks. If they're going to force their users to send out only through their servers, then they should not have any privacy-compromising activities on those servers.
However, privacy concerns aside (say Carnivore is shutdown next month), then is this really that bad?
I run my own mailserver on a RTHM network, and for outgoing, I simply relay the email out to RTHM's mail server, which forwards it on to the world. No worries on my end and it works fine.
KM |
|
justin
Australian
join:1999-05-28
Brooklyn, NY
Host:
IPv6
Business Connectiv..
Home/Office setup ..
Console/Handheld g..
Console Tech
| reply to richb01803
Sending email with no accountability is a blight on the internet.. Earthlinks policy is great, because (without the policy) customers can send out massive amounts of spam email within hours, with the penalty being (at worse) cancellation of their $20 a month account.. forcing it to go through the earthlink servers, which are provided for the purpose of delivering legitimate email, is perfectly reasonable, and allows flood control.
If you think the earthlink servers are unreliable, tell them to fix them, or move to another provider.
If you care about privacy, encrypt your email.
Verizon on the other hand is continuing to allow anyone with a windows spam utility to flood mailboxes, yet their action blocks (many) people who have their own vanity domain names.. for no gain. It is easy for verizon technically to drop subscribers who flood their mail servers.. (regardless of From address) yet this policy does nothing to stop direct mail spammers.. who are the real criminals.
[text was edited by author 2001-07-02 10:57:42] |
|
UhOkRight
@eclipse.net
| reply to richb01803
Re: Blocking port 25? Privacy invasion!
Ok, terrific.
You epitomize the tech support rep's worst nightmare... the user who kind of knows what he's doing but still messes stuff up and tells the horror stories about stuff he's heard on CNN or read on C|Net. |
|
fhmiller5
join:2000-01-23
Dobbs Ferry, NY
| reply to justin
Re: Verizon's is actually the more-sensible approach
The person that said they cannot think of why someone would disagree, isn't thinking very hard.
We are a small office any many of us work from home using our various connections. The mail server we use at work requires the ip address be one of it's own for sending. Therefore we can't send through it from home. If we used Verizon for home dsl we couldn't send work mail.
Fred |
|
richb01803
Rich
join:2001-02-14
02100
| reply to justin
said by Justin:
Sending email with no accountability is a blight on the internet.
Well, I certainly can understand your position on this, but I think that there isn't any way to address the spam problem without a global re-think of email architecture.
Some form of authentication handshake will need to be implemented between mail servers, and between mail clients and mail relays, in order to address the spam problem once and for all.
I believe most people want two things:
(1) Email whose source can be verified; and
(2) The ability to send anonymous email as needed.
This forum itself is a way to send anonymous email: I get to express opinions here without having them directly traceable to my employer. That way I'm less inhibited, as are a number of the other regular contributors, so the issues are tackled much more directly.
But when setting up a personal mailbox, we tend to prefer that the source of incoming email can be verified--and blocked or stopped at the source if it's annoying or invasive.
I don't think ISPs are in a position to do anything other than help fund the R&D it takes to implement software to make this happen. Tweaking policies which limit the usefulness of today's software isn't going to solve the overall problem.
[text was edited by author 2001-07-02 11:09:29] |
|
richb01803
Rich
join:2001-02-14
02100
| reply to fhmiller5
Why is that? Why can't your office email server be set up to relay your email?
Software which attempts to restrict access based on an IP address isn't well-made. It should have some other means of getting you to prove who you are.
However, I will grant you the point that today's email software has a lot of limitations which force folks to come up with all these bizarre kludges.
I don't think it's possible to barricate the 'net against spam so long as we're all merely trying to jam our pinky fingers in the dike. |
|
Network Guy
join:2000-08-25
New York
 ·PHONE POWER
·Broadvox Direct
·Verizon Online DSL
| They did this a long time ago already
EarthLink already started blocking port 25 a long time ago with their dial up accounts, really a pain in the as* when hosting a SMTP server that only accepts connections on port 25.
--
OMARNYC.COM - My place on the web - »www.omarnyc.com |
|
sadowski
I Am My Own Doppelganger
Premium,MVM
join:2000-04-14
Buffalo, NY
clubs:
|  reply to justin
Re: Verizon's is actually the more-sensible approach
I don't want my ISP filtering anything. If I want to run my own servers then I should be able to. If I want talk to any other server I should be able to. If UCE and Bulk mail is a blight, then the spammers should be dealt with legaly on the level of their businesses, as well as servers set for customer (authorized) use only. I don't want an ISP deciding what is a "blight" such as adult content, political discussion, or even spam. Not to mention that we ALL KNOW that money will buy exceptions to all this filtering.
It's the ultimate hypocrisy to say that filtering (effective or otherwise) of what I don't like (spam) is OK but otherwise it's not.
I'm truly sick of hearing how ISPs should be turned into Internet police. The ISP should do nothing but provide connectivity and basic services to customers. If it doesn't want to provide basic services, such as mail and news, then it should not block those service either.
I suggest any of you really wanting such a bland and safe Internet stick to watching commercial television where you can be as safe and ignorant of anything potentialy offensive as you like. |
|
dru
join:2000-09-14
Corona, CA
| reply to richb01803
What do you mean by, "not well made"? Just what SMTP security protocol have you seen implemented and standardized upon that deals with this issue?
SMTP was standardized when the internet was a trusting, open place. That's the problem. IMAP4 addresses these issues, but not universally supported by all client programs.
Obviously, software that runs on individual corporate servers could and should restrict incoming SMTP mail to originating headers, like what Verizon is implementing. But many do not offer this, and I believe that there is an issue with the appearance of being "open relay" to the current detection algorithms employed by such systems as ORBS and MAPS. So you still have to restrict via IP address, and this is difficult if you have traveling employees or those using dialup or dynamic IP service.
As for "not well made" commercial offerings including those from Microsoft, Eudora, and others do not provide many SMTP security features other than restriction by IP address. When asked, they claim such reasons as "RFC blah blah compliance" which of course means to be a fully compatible piece of software it has to interoperate with mail clients that hail from the days of Windows 3.1 Of course ISPs with the talent can modify and recompile smtp software to meet their needs, but the average small business doesn't possess this type of talent.
The biggest problem we have had recently is with business clients not intentionally abusing our servers or spamming themselves, but setting up servers for their own use but leaving them open to mail relay (the default configuration, out of the box for many server programs) and with the plethora of scanners and bots used by spammers to find open relays, they are discovered and exploited within a few hours. |
|
justin
Australian
join:1999-05-28
Brooklyn, NY
Host:
IPv6
Business Connectiv..
Home/Office setup ..
Console/Handheld g..
Console Tech
| reply to sadowski
ISPs all have subscriber agreements than clearly set out the penalties for sending out unsolicited email. They are obliged to enforce those penalties.. if they can't and won't enforce them, it would be a PR nightmare for them as a company, and subsequently a serious legal problem, as spammers (and criminal activity) flocked to the ISP that just provided an IP and didn't care what you use it for.
the discussion has gone off topic though - Verizon is trying to stop spam in a technically naive way.. that both hinders those with legitmate needs for their own domain name, yet does little to stop spam originating from their network. |
|
htin11
join:2000-08-10
Flushing, NY
|  Verizon 'spam control'
I think that what verizon did was good, it will prevent people from spamming my mail box so much with junk mail. I thanks them for their way to decrease load on their mail server and decrease load on the internet from spam.
as they say, one bad apples ruins the whole bunch...you shouldn't be mad at verizon, you should be mad at people who abused the mail servers.
It's like my road runner, i'm capped at 300 upstream due to people who ran servers and was sucking up everyone's bandwidth. that's why they cap everyone. Same thing here. |
|
htin11
join:2000-08-10
Flushing, NY
| reply to sadowski
Re: Verizon's is actually the more-sensible approach
actually read your TOS and your agreement, if the agreement say you can't run a server, then you can't do anything bout it...cuz it says DO NOT run a server...same thing with my road runner TOS. Thus you agreed upon not to run a server with the ISP...when you sign the contract or when you pay them. It all depend on the ISP...you choosed their services hence you are obligated by their runs...you don't have to pay them if you don't like their ways...as they say, go somewhere if you don't like what they offer. |
|
richb01803
Rich
join:2001-02-14
02100
| reply to dru
Well, maybe having the big ISPs implement really annoying restrictions will force the software companies to innovate and provide better email software.
Email's the #1 most popular application on the Internet, and it's been that way since the beginning.
Software vendors put their heads in the sand ages ago and decided that complying with a 20-year-old RFC with the likes of sendmail (world's buggiest program), Eudora and Outlook (world's least secure program) from now until eternity is a fine and acceptable state of affairs.
Well, I reiterate: email software as it stands today is "not well made". It's not up to the average 10-employee small business to come up with the answer to this problem; it's up to the well-heeled software vendors to do it. If not them, then perhaps the Linux freeware development community will take on this challenge (if for no other reason than to do an end run around SMTP port 25 when the ISPs gang up and block it).
I don't think the ISP managers are playing a good game of chess here. They'll bring worse problems on themselves by continuing these policies without also seeking long-term solutions in cooperation with the software development industry. |
|
Network Guy
join:2000-08-25
New York
·PHONE POWER
·Broadvox Direct
·Verizon Online DSL
| reply to htin11
Re: Verizon 'spam control'
Yeah well.. That's a stupid way of doing it. They should just disable port 25 on incoming connections outside of their verizon.com, verizon.net, or bellatlantic.net domains, and then just log activity on their SMTP servers. If they find a subscriber spamming, kick 'em out.
--
OMARNYC.COM - My place on the web - »www.omarnyc.com |
|
sadowski
I Am My Own Doppelganger
Premium,MVM
join:2000-04-14
Buffalo, NY
clubs: | reply to htin11
Re: Verizon's is actually the more-sensible approach
said by htin11:
as they say, go somewhere if you don't like what they offer.
Bring back slavery too then, eh? |
|
Network Guy
join:2000-08-25
New York | reply to justin
Amen. |
|
sadowski
I Am My Own Doppelganger
Premium,MVM
join:2000-04-14
Buffalo, NY
clubs:
| reply to justin
said by justin:
ISPs all have subscriber agreements
That's not the same as blocking service access. If the ISP doesn't want to enforce its rules it should either not make them or it should suffer the consequences of not enforcing them. Blocking services is not a reasoned response to laziness or ineptitude.
quote:
the discussion has gone off topic though
I don't think so. This is where these types of actions take us. What ISPs do have consequences and set trends too. These issues need to be addressed. |
|
drharry
join:2001-02-12
Hopatcong, NJ
| reply to richb01803
Re: Blocking port 25? Privacy invasion!
said by richb01803:
I for one would not want my email to flow through an ISP's mail server!
And how else did you expect to send email?
said by richb01803:
Forgetting the issue of how non-scalable most mail servers are, and therefore how prone to outages they are, do you really want all your email flowing through a Carnivore data-sucking attachment directly into the watchful eyes of a government or an ISP?...
It would appear you have no choice.
But ISP's blocking port 25 is old news. Earthlink has been doing this to former Netcom customers for well over two years now. |
|
