how-to block ads
|
|
view: topics flat text |
|
Comments on news posted 2001-07-02 10:20:37: Verizon is informing its customers that its mail servers will shortly no longer accept email from subscribers that has a "from" address that is something other than banet.net, bellatlantic.net, verizon.net or gte.net. ..
|
 | | Blocking port 25? Privacy invasion! I for one would not want my email to flow through an ISP's mail server!
Forgetting the issue of how non-scalable most mail servers are, and therefore how prone to outages they are, do you really want all your email flowing through a Carnivore data-sucking attachment directly into the watchful eyes of a government or an ISP?
The folks in Beijing and Bhagdad must be clapping their hands in glee that even those of us in 'enlightened' countries are mere sheep who will accept any kind of privacy-threatening policy so long as the bureaucrats label it as something other than what it truly is. | |
| | | | Re: Blocking port 25? Privacy invasion! Ok, terrific.
You epitomize the tech support rep's worst nightmare... the user who kind of knows what he's doing but still messes stuff up and tells the horror stories about stuff he's heard on CNN or read on C|Net. | |
| | drharry
join:2001-02-12
Hopatcong, NJ | said by richb01803:
I for one would not want my email to flow through an ISP's mail server!
And how else did you expect to send email?
said by richb01803:
Forgetting the issue of how non-scalable most mail servers are, and therefore how prone to outages they are, do you really want all your email flowing through a Carnivore data-sucking attachment directly into the watchful eyes of a government or an ISP?...
It would appear you have no choice.
But ISP's blocking port 25 is old news. Earthlink has been doing this to former Netcom customers for well over two years now. | |
| | | | | Re: Blocking port 25? Privacy invasion! said by drharry:
And how else did you expect to send email?
It goes directly from my Linux system to the recipient's SMTP server. It does not go through any email servers at my ISP (AT&T Broadband, or in the case of my workplace, Genuity) unless of course the recipient's mailbox is at that ISP. | |
| | |  RARPSL
join:1999-12-08
Suffern, NY | said by drharry:
But ISP's blocking port 25 is old news. Earthlink has been doing this to former Netcom customers for well over two years now.
And they have had it implemented wrong for those two years. A correctly implemented PORT25 block AUTOMATICALLY redirects all PORT25 requests to the blocking ISP's SMTP Server NOT (as Earthlink does) refuse to make the connection to a Non-ISP Server by just letting the connection attempt time out. | |
| | | | | | Re: Blocking port 25? Privacy invasion! said by RARPSL:
said by drharry:
A correctly implemented PORT25 block AUTOMATICALLY redirects all PORT25 requests to the blocking ISP's SMTP Server NOT (as Earthlink does) refuse to make the connection to a Non-ISP Server by just letting the connection attempt time out.
Either way, it still forces all outbound SMTP traffic through an outage-prone, packet-sniffing-prone bottleneck. Ugh.
If this is the wave of the future I'm not too happy about that.
There are other ways to tackle the spam problem without this sledgehammer approach. | |
| | | | | RARPSL
join:1999-12-08
Suffern, NY |  Re: Blocking port 25? Privacy invasion!
said by richb01803:
said by RARPSL:
said by drharry:
A correctly implemented PORT25 block AUTOMATICALLY redirects all PORT25 requests to the blocking ISP's SMTP Server NOT (as Earthlink does) refuse to make the connection to a Non-ISP Server by just letting the connection attempt time out.
Either way, it still forces all outbound SMTP traffic through an outage-prone, packet-sniffing-prone bottleneck. Ugh.
If this is the wave of the future I'm not too happy about that.
There are other ways to tackle the spam problem without this sledgehammer approach.
I agree. As for PORT25 blocking, how hard is it to have the ISP (when it gets the "CONNECT ME TO ISPX's SMTP SERVER" request) do its own connect to the server and see if it offers a AUTH response to the EHLO (then just drop the connection via QUIT)? Such a response could then trigger a "Let the user get his connection" action since the SMTP server can be considered as "SPAM LOCKED DOWN" and acceptable as a connection target. | |
|
|  dru
join:2000-09-14
Corona, CA | Some of your fears and paranoia are misplaced.
As far as Carnivore, your this is a Clinton-era dream that has yet to pass through serious legal tests. To think that ISPs have welcomed or supported Carnivore is absurd. As an ISP, I can tell you that not only is there no Carnivore present on our network, the DOJ or anyone else has yet to ever approach us or any other ISP I know with the legal documents and court orders, and we would require substantial review before we would allow them to proceed. Apparently, they have to compensate the ISP T&M for any investigation, and that is probably never going to be practical when it would be easier to wiretap the client under investigation's phone or broadband. We would fight in court as long as clients, NOT under investigation, could have their privacy breached through the Carnivore implementation. Any use of Carnivore would have to be focused/targeted on a suspected individual. Despite the rampant concerns about Big Brother Snooping on You, the main threat was through inadvertent discovery, for example, if an agent tapping a suspected child pornographer comes across drug peddling by someone else, would that info be admissible or even be able to initiate an investigation? My guess is NO, it would NEVER pass constitutional law.
Secondly, as far as privacy is concerned, ISPs act as carriers. We SO MUCH do not want to ever see ANY of your email because that puts ISPs into a type of legal "publisher" mode. We simply send it, just as the phone companies complete calls without monitoring the connections for the same reason. Crime occurs all the time, but we don't want the responsibility of having any information that might require reporting to authorities. It could also make ISPs third parties to wife cheating cases, porno via email, solicitation to commit fraud, etc. Trust me, the microsecond we have confirmation your email is delivered to its destination, it's permanently deleted and we do NOT keep copies!
While there are all sorts of urban legends about AOL and other large ISPs trolling their clients computers and email boxes for anti-AOL rhetoric, complaints, etc, they are just stories. While there might be isolated incidents of snoopy employees watching what goes by, for the most part, it's just speculation.
The exception is mail transfer logs. We do log your mail activity (not the content) to ensure you are not spamming through our network, but also to verify that you are not. We have to keep these logs, because IP and mailbox headers can be forged. Best way to screw with a buddy (in the Sam Kennison definition of "buddies") - send out a bunch of er, organ enlargement ads under his IP and mail address, and watch the wrath of various entities come down, meanwhile, he says "HUH?" as cleanup fees hit his credit card. Ha Ha, I've seen it done!
If you want to be concerned about mail privacy - be worried about your employer and sending email out on the company server. In the issue of employer-servers and their employees with regards to using company resources, employers have prevailed in many of the cases to the point where there is no implied privacy when you are on the job. They can and do watch what you do. | |
| | | | Why is this even an issue? Focus should be on the fact that Verizon made a gross error right from the beginning. Why was such a big mistake allowed to continue for so long? The best thing that Verizon could have done was admit that their system was lacking in any kind of security right from the get-go, apologize, and fix it.
Unless you pay for hosting, NO-ONE allows others to access their servers. This is why we all have different "handles"...@home.com;@verizon.net;@whatever.org...all are different domains and the extension tells us who has rights to what. Usually, only those who pay have the rights. The fact that verizon customers have not had to worry about this before now should in it's self be worrisome. That means that the potential for trouble has been a hackers dream from the beginning.
The ONLY Verizon customers that will be affected are those who have, for some strange reason, been allowed to host their own domains (for free) for all of this time. They simply need to pay someone to provide web hosting for them, and they will pay for it, and life can continue on as usual. They now have to pay for a service that they have been getting for free all this time.
Different companies employ different methods, but they all do it. Get out of the dark. ha-ha-ha 
--
Unless you play by the rules, why bother to complain? | |
| | | RARPSL
join:1999-12-08
Suffern, NY |  Re: Blocking port 25? Privacy invasion!
said by whybother:
Unless you pay for hosting, NO-ONE allows others to access their servers. This is why we all have different "handles"...@home.com;@verizon.net;@whatever.org...all are different domains and the extension tells us who has rights to what. Usually, only those who pay have the rights.
As I've noted before, Verizon is NOT allowing unrestricted SMTP Server access to their customers for Verizon Email even though, to quote you, "They have Paid for it".
Right now, I can only use the Verizon Servers to send my Verizon Email IF I am at that time using Verizon Connectivity (ie: A Verizon ADSL Line or a Verizon POTS/ISDN dial-Up Gateway). If I want to send mail over that line from my example.com account, I am told by Verizon to connect to an example.com SMTP Server. I can accept this. The problem is that when I use example.com (or some other ISP's) connectivity, and try to access the Verizon SMTP Server to send my Verizon Email (as Verizon wants me to do for non-Verizon Email when using THEIR Connectivity), I'm refused access THAT I HAVE PAID FOR due to Verizon's refusal to offer SMTP AUTH (POP BEFORE SMTP or POP XTND XMIT) as a way to bypass the "DROP DEAD - YOU'RE NOT ON OUR LAN" Rules for access to the SMTP Server. | |
| | | | | | Re: Blocking port 25? Privacy invasion! That's what they want. Take the business elsewhere and really teach them a lesson. Before you sign up though, read your TOS this time. Ask them directly if you can use their server for your uses, get it in writing.
--
Unless you play by the rules, why bother to complain? | |
| | | | | RARPSL
join:1999-12-08
Suffern, NY |  Re: Blocking port 25? Privacy invasion!
said by whybother:
That's what they want. Take the business elsewhere and really teach them a lesson. Before you sign up though, read your TOS this time. Ask them directly if you can use their server for your uses, get it in writing.
This is not the case since the Verizon (really BANET since they later force moved me to Verizon.Net when they shut down BANET.NET) TOS when I signed up ALLOWED me to send Email no matter what the From Address was. Even if I am allowed to do so at Sign-Up time, the other ISP can pull a Verizon later. Note that I am not addressing if Verizon should have the ability to refuse to relay my Email if I do not use my Verizon Account Address in the From. I am addressing the issue of Verizon REFUSING to accept my Verizon Email when I am not using Verizon Connectivity EVEN THOUGH their policy on my sending NON-Verizon Email when using Verizon connectivity is "Use THEIR Server". Thus they are unwilling to follow their own STATED rules (ie: I can not "Use THEIR [ie: Verizon's] Server" when not connected to the Verizon Network). | |
|
| |  Verizon's is actually the more-sensible approach
They aren't restricting users on their network from receiving mail from anyone. They are restricting users of Verizon's SMTP gateways from sending email which is tagged with a From address other than that email server itself.
That's eminently sensible.
If you want to use a domain name other than one of the Verizon domains, then you should set up your own mail server for outbond mail (a typical Linux box will do fine), and/or pick up your mail from some other site.
Verizon's policy will probably affect 0.0001% of legitimate mail users: if you've got your own domain name, you're in all likelihood not using Verizon's mail servers to receive your mail, so the impact will be to get you to pay attention to how your software is configured to send outbound email.
The Earthlink policy, on the other hand, is one I object to strenuously. | |
| |  KoolMoeAw ManPremium
join:2001-02-14
Annapolis, MD | Re: Verizon's is actually the more-sensible approach As far as privacy concerns go, I have to agree that Earthlink's new policy kinda sucks. If they're going to force their users to send out only through their servers, then they should not have any privacy-compromising activities on those servers.
However, privacy concerns aside (say Carnivore is shutdown next month), then is this really that bad?
I run my own mailserver on a RTHM network, and for outgoing, I simply relay the email out to RTHM's mail server, which forwards it on to the world. No worries on my end and it works fine.
KM | |
| |  justinAustralian
join:1999-05-28
New York, NY
kudos:7
IPv6
Business Connectiv..
Console/Handheld g..
Console Tech
Home/Office setup ..
| Sending email with no accountability is a blight on the internet.. Earthlinks policy is great, because (without the policy) customers can send out massive amounts of spam email within hours, with the penalty being (at worse) cancellation of their $20 a month account.. forcing it to go through the earthlink servers, which are provided for the purpose of delivering legitimate email, is perfectly reasonable, and allows flood control.
If you think the earthlink servers are unreliable, tell them to fix them, or move to another provider.
If you care about privacy, encrypt your email.
Verizon on the other hand is continuing to allow anyone with a windows spam utility to flood mailboxes, yet their action blocks (many) people who have their own vanity domain names.. for no gain. It is easy for verizon technically to drop subscribers who flood their mail servers.. (regardless of From address) yet this policy does nothing to stop direct mail spammers.. who are the real criminals.
[text was edited by author 2001-07-02 10:57:42] | |
| | | | | Re: Verizon's is actually the more-sensible approach The person that said they cannot think of why someone would disagree, isn't thinking very hard.
We are a small office any many of us work from home using our various connections. The mail server we use at work requires the ip address be one of it's own for sending. Therefore we can't send through it from home. If we used Verizon for home dsl we couldn't send work mail.
Fred | |
| | | | | | Re: Verizon's is actually the more-sensible approach Why is that? Why can't your office email server be set up to relay your email?
Software which attempts to restrict access based on an IP address isn't well-made. It should have some other means of getting you to prove who you are.
However, I will grant you the point that today's email software has a lot of limitations which force folks to come up with all these bizarre kludges.
I don't think it's possible to barricate the 'net against spam so long as we're all merely trying to jam our pinky fingers in the dike. | |
| | | | | dru
join:2000-09-14
Corona, CA | Re: Verizon's is actually the more-sensible approach What do you mean by, "not well made"? Just what SMTP security protocol have you seen implemented and standardized upon that deals with this issue?
SMTP was standardized when the internet was a trusting, open place. That's the problem. IMAP4 addresses these issues, but not universally supported by all client programs.
Obviously, software that runs on individual corporate servers could and should restrict incoming SMTP mail to originating headers, like what Verizon is implementing. But many do not offer this, and I believe that there is an issue with the appearance of being "open relay" to the current detection algorithms employed by such systems as ORBS and MAPS. So you still have to restrict via IP address, and this is difficult if you have traveling employees or those using dialup or dynamic IP service.
As for "not well made" commercial offerings including those from Microsoft, Eudora, and others do not provide many SMTP security features other than restriction by IP address. When asked, they claim such reasons as "RFC blah blah compliance" which of course means to be a fully compatible piece of software it has to interoperate with mail clients that hail from the days of Windows 3.1 Of course ISPs with the talent can modify and recompile smtp software to meet their needs, but the average small business doesn't possess this type of talent.
The biggest problem we have had recently is with business clients not intentionally abusing our servers or spamming themselves, but setting up servers for their own use but leaving them open to mail relay (the default configuration, out of the box for many server programs) and with the plethora of scanners and bots used by spammers to find open relays, they are discovered and exploited within a few hours. | |
| | | | | | | | Re: Verizon's is actually the more-sensible approach Well, maybe having the big ISPs implement really annoying restrictions will force the software companies to innovate and provide better email software.
Email's the #1 most popular application on the Internet, and it's been that way since the beginning.
Software vendors put their heads in the sand ages ago and decided that complying with a 20-year-old RFC with the likes of sendmail (world's buggiest program), Eudora and Outlook (world's least secure program) from now until eternity is a fine and acceptable state of affairs.
Well, I reiterate: email software as it stands today is "not well made". It's not up to the average 10-employee small business to come up with the answer to this problem; it's up to the well-heeled software vendors to do it. If not them, then perhaps the Linux freeware development community will take on this challenge (if for no other reason than to do an end run around SMTP port 25 when the ISPs gang up and block it).
I don't think the ISP managers are playing a good game of chess here. They'll bring worse problems on themselves by continuing these policies without also seeking long-term solutions in cooperation with the software development industry. | |
|
| | |  rchandraStargate Universe fanPremium
join:2000-11-09
14225-2105 | said by fhmiller:
The mail server we use at work requires the ip address be one of it's [sic] own for sending. Therefore we can't send through it from home. If we used Verizon for home dsl we couldn't send work mail.
That simply means you haven't set up a mail server that can do this. Go to the Verizon thread and read about the various schemes, the most popular being authenticate-then-email (POP then [E]SMTP). Also, it sounds like you haven't thought about setting up VPN connections (which would put your home computer or network in the IP address space of your company).
If you're not willing to do either of these, it's not VZ's fault, it's the fault of your company.
--
Those willing to sacrifice freedom for security deserve neither. | |
|
| |
| said by Justin:
Sending email with no accountability is a blight on the internet.
Well, I certainly can understand your position on this, but I think that there isn't any way to address the spam problem without a global re-think of email architecture.
Some form of authentication handshake will need to be implemented between mail servers, and between mail clients and mail relays, in order to address the spam problem once and for all.
I believe most people want two things:
(1) Email whose source can be verified; and
(2) The ability to send anonymous email as needed.
This forum itself is a way to send anonymous email: I get to express opinions here without having them directly traceable to my employer. That way I'm less inhibited, as are a number of the other regular contributors, so the issues are tackled much more directly.
But when setting up a personal mailbox, we tend to prefer that the source of incoming email can be verified--and blocked or stopped at the source if it's annoying or invasive.
I don't think ISPs are in a position to do anything other than help fund the R&D it takes to implement software to make this happen. Tweaking policies which limit the usefulness of today's software isn't going to solve the overall problem.
[text was edited by author 2001-07-02 11:09:29] | |
| | | | | | Re: Verizon's is actually the more-sensible approach quote:
This forum itself is a way to send anonymous email: I get to express opinions here without having them directly traceable to my employer. That way I'm less inhibited, as are a number of the other regular contributors, so the issues are tackled much more directly.
Yes, this forum is a way to send anonymous email but the user has the choice whether or not they see the message using this method (either going to the site or not). Recipients of spam have no choice but to deal with the constant stream of unsolicited mail pouring into their computer.
As for your comment about a "re-think" of the internet's current method of mail delivery, that would be a great thing but what are users to do RIGHT NOW? Verizon customers that have their own domain names have been using the ISP's smtp server to send their mail because a lot of them do not want to set up their own mail servers and many of their hosts don't provide the ability to relay through their machines because of potential for abuse. Many hosting providers that I've seen simply provide pop3 mailboxes only. I know many people don't like Microsoft products but Exchange has the ability to restrict relaying via user authentication already as well as by ip. I personally prefer ip restrictions because it is too easy to impersonate a user not using secure password authentication due to the fact that user names and passwords for authentication are typically sent in plain text. Even if the ISP uses secure authentication, each and every user would have to use this configuration which means potential for more support calls due to incorrect client configurations. And not all clients support this method either. Bottom line is that for those who cannot send mail now, no matter how few, have a problem that will not be solved by a "re-think" of the current architecture. At least not soon enough for them of course. Many ISPs have attempted relay control via ip restrictions and for the most part it works. It's by no means a flawless process, but it does put a dent into the problem. 95% of the spam that has come across my inbox comes from mail servers that are open relays (no relay restrictions at all). I've verified many of them by sending messages to myself through their servers. If people running these servers would be kind enough to care about the rest of us on the net and close down these open relays, we'd see far fewer amounts of spam. | |
|
| |  sadowskiI Am My Own DoppelgangerPremium,MVM
join:2000-04-14
Buffalo, NY | I don't want my ISP filtering anything. If I want to run my own servers then I should be able to. If I want talk to any other server I should be able to. If UCE and Bulk mail is a blight, then the spammers should be dealt with legaly on the level of their businesses, as well as servers set for customer (authorized) use only. I don't want an ISP deciding what is a "blight" such as adult content, political discussion, or even spam. Not to mention that we ALL KNOW that money will buy exceptions to all this filtering.
It's the ultimate hypocrisy to say that filtering (effective or otherwise) of what I don't like (spam) is OK but otherwise it's not.
I'm truly sick of hearing how ISPs should be turned into Internet police. The ISP should do nothing but provide connectivity and basic services to customers. If it doesn't want to provide basic services, such as mail and news, then it should not block those service either.
I suggest any of you really wanting such a bland and safe Internet stick to watching commercial television where you can be as safe and ignorant of anything potentialy offensive as you like. | |
| | | | justinAustralian
join:1999-05-28
New York, NY
kudos:7 Host:
IPv6
Business Connectiv..
Console/Handheld g..
Console Tech
Home/Office setup ..
| Re: Verizon's is actually the more-sensible approach ISPs all have subscriber agreements than clearly set out the penalties for sending out unsolicited email. They are obliged to enforce those penalties.. if they can't and won't enforce them, it would be a PR nightmare for them as a company, and subsequently a serious legal problem, as spammers (and criminal activity) flocked to the ISP that just provided an IP and didn't care what you use it for.
the discussion has gone off topic though - Verizon is trying to stop spam in a technically naive way.. that both hinders those with legitmate needs for their own domain name, yet does little to stop spam originating from their network. | |
| | | | | | | Re: Verizon's is actually the more-sensible approach Amen. | |
| | | | | sadowskiI Am My Own DoppelgangerPremium,MVM
join:2000-04-14
Buffalo, NY | said by justin:
ISPs all have subscriber agreements
That's not the same as blocking service access. If the ISP doesn't want to enforce its rules it should either not make them or it should suffer the consequences of not enforcing them. Blocking services is not a reasoned response to laziness or ineptitude.
quote:
the discussion has gone off topic though
I don't think so. This is where these types of actions take us. What ISPs do have consequences and set trends too. These issues need to be addressed. | |
|
| | | htin11
join:2000-08-10
Flushing, NY Reviews:
 ·Verizon FiOS
| actually read your TOS and your agreement, if the agreement say you can't run a server, then you can't do anything bout it...cuz it says DO NOT run a server...same thing with my road runner TOS. Thus you agreed upon not to run a server with the ISP...when you sign the contract or when you pay them. It all depend on the ISP...you choosed their services hence you are obligated by their runs...you don't have to pay them if you don't like their ways...as they say, go somewhere if you don't like what they offer. | |
| | | | | sadowskiI Am My Own DoppelgangerPremium,MVM
join:2000-04-14
Buffalo, NY | Re: Verizon's is actually the more-sensible approach said by htin11:
as they say, go somewhere if you don't like what they offer.
Bring back slavery too then, eh? | |
|
| | | rchandraStargate Universe fanPremium
join:2000-11-09
14225-2105
| I think you pretty much have this right, with an exception or two. I think traffic that has no business on the Internet (e.g., with an RFC1918 source IP address) should be filtered out. In this sense, ISPs have to cooperate to become the Internet police.
As far as VZ providing services...they do provide mail, and they hope that their pending change will win them more customers than they will lose. They appear to be playing the open market here. If you and I (both Buffalo VZ subscribers) don't like their new SMTP policy, we can subscribe to Telerama for example instead. I don't know of any out there, but there could be other hosting companies that would be willing to accept your mail, and if VZ start mangling tcp/25, also provide a VPN service so you can get at their [E]SMTP servers.
I don't get the analogy to commercial TV. There is plenty on commercial TV that could be deemed offensive. The alternative would be PBS I'm guessing? If anything, I'd think that'd be more sanitized/cleaned than commercial TV. Also, if by "commercial TV" you would be willing to include satellite/cable programs, I can think of a certain popular Comedy Central program that a lot of people think is quite objectionable (but I personally usually find hilarious).
(edit was to add anchor/link to RFC1918)
[text was edited by author 2001-07-03 11:20:58] | |
| | | | | sadowskiI Am My Own DoppelgangerPremium,MVM
join:2000-04-14
Buffalo, NY | Re: Verizon's is actually the more-sensible approach said by rchandra:
I think traffic that has no business on the Internet (e.g., with an RFC1918 source IP address) should be filtered out.
Private addresses, I think? I have no problem with that. I have no problem with any filtering done on technical grounds, if it pertains to the actual technical limits of the network (vs. too many users using porn sites so we block them because it wastes our bandwidth - a psuedo-technical argument).
quote:
As far as VZ providing services...they do provide mail,
There is also language on their website that suggests that they are not contractualy obligated to do so. I posted it in the Verizon forum a while back. (I'm not, however, suggestting that they are planning to pull mail service or charge extra for.) quote:
If you and I (both Buffalo VZ subscribers) don't like their new SMTP policy, we can subscribe to Telerama for example instead.
But that's just more of that go back where you came from kind of thing. It doesn't address the approriateness of this kind of action. quote:
I don't get the analogy to commercial TV. There is plenty on commercial TV that could be deemed offensive. The alternative would be PBS I'm guessing?
PBS has become very safe and very commercial oriented (in the sense that it has started pandering toward mass audience to facilitate donations). If you're old enough to remeber PBS in the seventies they were doing and showing original drama of substance, controversial political/social programs and science programming that had substance (not like what poor Nova has become now, or since they stopped buying Horizons and replacing the narration track with an American voice). So, no, I don't see PBS as much of an alternative anymore. quote:
If anything, I'd think that'd be more sanitized/cleaned than commercial TV. Also, if by "commercial TV" you would be willing to include satellite/cable programs, I can think of a certain popular Comedy Central program that a lot of people think is quite objectionable (but I personally usually find hilarious).
OK, my laziness. The commercial broadcast networks in which all is sanitized and made pallitable to some oddball marketers sensibility (or their distorted view of 'our' sensibilities) and where everything is faked and controlled for and by marketting. I think show title "Everyone Loves Raymond" represents a lot TV marketing's mentality.
Other than South Park and some of the old Sunday animation block (the transplated Duckman, Bob & Margaret, Dr. Katz) I don't know CC that well, but it is owned by MTV (isn't it?) which would make it an interesting study since MTV and the MTV Networks are pure marketing. | |
| | | | | | rchandraStargate Universe fanPremium
join:2000-11-09
14225-2105 | Re: Verizon's is actually the more-sensible approach said by sadowski:
(I'm not, however, suggestting that they are planning to pull mail service or charge extra for.)
As long as they leave my outbound TCP port 25 alone, that suits me (and I'm guessing you) just fine. 
said by sadowski:
quote:
If you and I (both Buffalo VZ subscribers) don't like their new SMTP policy, we can subscribe to Telerama for example instead.
But that's just more of that go back where you came from kind of thing. It doesn't address the approriateness of this kind of action.
Maybe not directly, but indirectly it does. If/when it works, the market can be a very powerful force indeed.
said by sadowski:
PBS has become very safe and very commercial oriented (in the sense that it has started pandering toward mass audience to facilitate donations). If you're old enough to remeber PBS in the seventies they were doing and showing original drama of substance, controversial political/social programs and science programming that had substance (not like what poor Nova has become now, or since they stopped buying Horizons and replacing the narration track with an American voice).
Nope, I wasn't too much of a PBS watcher back then. In the late sixties and early seventies, I was a "Sesame Street" and "Electric Company" viewer (born 7-Sep-1965).
said by sadowski:
quote:
I can think of a certain popular Comedy Central program that a lot of people think is quite objectionable (but I personally usually find hilarious).
I think show title "Everyone Loves Raymond" represents a lot TV marketing's mentality.
definitely.
said by sadowski:
Other than South Park...
That's the one! Come to think of it, "The Man Show" would probably be pretty disgusting to many, but I don't watch that much...only the part that's on after something else I watch (used to be on after "South Park").
BTW...I have to chuckle just about every time I pass by Southpark Ave., because almost every time, that theme starts running through my head.
--
Benjamin Franklin: Those who sacrifice freedom for a sense of security deserve neither. | |
| | | | | | | sadowskiI Am My Own DoppelgangerPremium,MVM
join:2000-04-14
Buffalo, NY | Re: Verizon's is actually the more-sensible approach said by rchandra:
As long as they leave my outbound TCP port 25 alone, that suits me (and I'm guessing you) just fine.
Yeah, you and I will be fine but I am disturbed by what could be a trend. I don't know if you are familiar with the old ServTech out of Rochester (now owned by Verio) but they did their best to provide a good networking experience to even dialup users because they were a network supplier (till places like Kodak and others decided they could handle it on their own). Larger ISPs like AOL, MSN, Earthlink, Verizon, etc. have the power to really change the network experience by restricting services which most people will just live with because they don't know better or feel they can't do anything about. The ISPs can, or do have the power to make the expereince as bland as tv, as safe as tv or as simplified as USA Today. To me, the danger is in a gradual deterioration of the experience by picking away at small bits. (Shrug) That's what it's all about to me. quote:
Maybe not directly, but indirectly it does. If/when it works, the market can be a very powerful force indeed.
My problem with that is that the masses don't always know. The Internet now, and eventualy networking generaly, is being marketed to the masses and they are not knowledgable enough or experienced enough to truly judge. Everybody's first car was great because they just didn't know better. quote:
(born 7-Sep-1965).
You're just a kid! (5-12-56)
quote:
That's the one! Come to think of it, "The Man Show" would probably be pretty disgusting to many, but I don't watch that much...only the part that's on after something else I watch (used to be on after "South Park").
I prefer a good porn film.
quote:
BTW...I have to chuckle just about every time I pass by Southpark Ave., because almost every time, that theme starts running through my head.
For a number reasons, I cancelled my cable tv service and I shall miss SP (though I hear the full episodes are available on the network ) | |
|
| | rchandraStargate Universe fanPremium
join:2000-11-09
14225-2105 | Sorry, I just don't agree that this should be done. Yes, I would agree that some customers use their broadband connection poorly this way. The solution ought to be to make these ex-customers more liable than simply cancellation of their account; part of the ToS that must be accepted before service is turned up should be a statement of cleanup charges that will be imposed should they participate in such activity, and therefore it will be more than just not paying $20/month.
I want a clean IP pipe to the Internet, devoid of any packet filtering or redirection, except for dropping illegitimate packets (for example, those with an RFC1918 source IP address). If you're worried about John Q. Spammer using his BB connection for that, employ tcp/25 traffic shaping, and if the customer wants better tcp/25 bandwidth, provision the account as a business connection.
--
Those willing to sacrifice freedom for security deserve neither. | |
|
|  sporkmedrop the crantini and move it, sisterPremium,MVM
join:2000-07-01
Morristown, NJ
 ·Optimum Online
| said by richb01803:
Re-reading the summary on this, I can't see why one would disagree with Verizon's policy on this matter.
They aren't restricting users on their network from receiving mail from anyone. They are restricting users of Verizon's SMTP gateways from sending email which is tagged with a From address other than that email server itself.
That's eminently sensible.
If you want to use a domain name other than one of the Verizon domains, then you should set up your own mail server for outbond mail (a typical Linux box will do fine), and/or pick up your mail from some other site.
Verizon's policy will probably affect 0.0001% of legitimate mail users: if you've got your own domain name, you're in all likelihood not using Verizon's mail servers to receive your mail, so the impact will be to get you to pay attention to how your software is configured to send outbound email.
The Earthlink policy, on the other hand, is one I object to strenuously.
Actually, most ISP mail servers will NOT let you relay through them unless you are coming from that ISPs own netblock. This is pretty much industry standard, and that's how we do it. SMTP-AUTH is an option, but again, the support costs on getting people to set yet another doodad in Outlook are prohibitive. We've already had a few Verizon users call about this (they use us for mail, presumably because VZ seems to have issues keeping a simple mail server running 24/7/365).
This will likely affect more than ".00001%" of users. There's alot of folks out there that have personal domain names. Especially business users. And VZ is actively marketing to businesses.
As for Earthlink, it's the only sensible thing to do. 90%+ of spam I see is from dialups via "direct to MX". I applaud Earthlink for policing their userbase. I really have no problem with setting up a relay host. It's trivial, and Earthlink has a much better track record than other large ISPs with handling mail properly.
How do you propose an ISP with millions of users stops 'direct to MX' spam other than blocking port 25? Once the spam is sent, it's sent. Would you suggest they hire 50-60 people just to man the abuse desk and cancel violators AFTER the offense?
For smaller ISPs, it's easier, but when you buy commodity products, you should expect commodity service, IMHO. | |
| | | | | Re: Verizon's is actually the more-sensible approa said by sporkme:
...presumably because VZ seems to have issues keeping a simple mail server running 24/7/365).
This will likely affect more than ".00001%" of users. There's alot of folks out there that have personal domain names.
The main technical thrust of my argument is precisely that the average telco is incapable of running a "simple" mail server capable of billions of transactions daily. It's inconceivable that one would deliberately construct a company which covers 40% of the population of the USA, proposes to capture dominant market share of ISP services within that geographic footprint, and funnel all those users' email through a particular SMTP server. It's a scaling problem that no sane person would want to take upon themselves; even AOL, which has already scaled up to that level by building up teams of engineers who know email inside & out, has its bad days.
On the latter point: thus far the only legit scenario brought up here which Verizon's approach interferes with is the case of the telecommuter who configures an SMTP mail client (Outlook Express, Netscape, or Eudora) such that reply email goes to work rather than to a Verizon mail server. Are there any other cases? If not, then I have a simple response for Verizon mail users: configure your SMTP client to put an allowed domain in the From header, and put your office's email domain in the Reply-To header.
For road warriors who want to be able to connect into the office and send/receive mail via a variety of ISPs, the best solution is to set up a VPN tunnel into your office so you can use the exact same settings (including IP addresses) from the office LAN or from any remote ISP. (I hasten to add that my current employer is a VPN purveyor, and of course that none of my DSLR postings reflect the views of that employer.)
I do agree with those who have pointed out that Verizon's approach doesn't really go after the problem very effectively; spam still gets out, it just happens to be slightly more obvious where it came from. | |
| | | |  tschmidtPremium,MVM
join:2000-11-12
Milford, NH
kudos:5
 ·Fairpoint Commun..
 ·Hollis Hosting
| Re: Verizon's is actually the more-sensible approa Richb01803
Paragraph 1 -- I agree
Paragraph 2. Lets say I have a large number of email accounts. The simplest configuration from a user's perspective is the use the SMTP server on the network I am physically connected to. It is possible to use the SMTP server provided by others. However, they are also concerned with spam and may have policies that make it difficult to connect. Also, if the network provider decides to block port 25 you are dead in the water.
Paragraph 3 That is one solution. We let our employees access mail that way. If that is what the company wants to do fine. But it should not be dictated by the carrier.
Paragraph 4 -- I think this is really the crux of the problem. What Verizon is doing forces customers to do more work while not having any effect on spam. | |
| | | | | sporkmedrop the crantini and move it, sisterPremium,MVM
join:2000-07-01
Morristown, NJ Reviews:
·Optimum Online
| Re: Verizon's is actually the more-sensible approa Verizon's plan is a sham. It will not stop spam in the least.
Here's a list of "spamware". You'll find that all of it bypasses the spammer's mail server. This is what earthlink successfully stops, but what verizon is allowing people to do.
»www.spamhaus.org/rationale.html
Here's a snippet from one of the more popular pieces of spamware:
"How Desktop Direct Works
When you use your ISP's Mail Server - your mail goes through a lot before it actually reaches the recipient - after you press "send", your mail travels:
From your computer to your ISP's Mail Server
From your ISP's Mail Server to all of your recipients' ISP Mail Server
From your recipients' ISP Mail Server to their computers
When you use Desktop Direct - you bypass your ISP's Mail Server - so your mail only travels:
From your computer to your recipients' ISP Mail Server
From your recipient's ISP Mail Server to their computer
You will not be putting any additional "strain" on your ISP's Mail Servers or "abusing bandwidth" - your computer does the work!"
Again, VZ is doing nothing to protect against this method of spamming... What exactly is their logic? Will they be selling domain/mail hosting soon? | |
| | | | | | |
| | | | RARPSL
join:1999-12-08
Suffern, NY | said by tschmidt:
Paragraph 2. Lets say I have a large number of email accounts. The simplest configuration from a user's perspective is the use the SMTP server on the network I am physically connected to. It is possible to use the SMTP server provided by others.
WRONG. The simplest configuration is one where your SMTP Settings are independent of your current connectivity (ie: You always ASK for SMTP Server X for Persona X and SMTP Server Y for Persona Y and any Port25 Blocking will AUTOMATICALLY force direct you to the Connectivity Provider's SMTP Server which accepts ALL Email for relaying) . This is simple since it works no matter where you are coming in from AND no changes are needed in your Email Parms just because you are connecting from a different Connectivity Provider). You either use the SMTP Server you ask for (which may verify your authority via SMTP AUTH/POP-Before-SMTP/POP XTND SMTP) or have the SMTP Server Address ignored and are directed to a provided SMTP Server which will handle your Email NO MATTER what From or Reply-To address is provided. | |
|
|  dimdem
join:2000-06-17
Norfolk, VA | I just missed being affected by this policy, since I just moved into an area not served by Verizon DSL and switched to @HOME. But I would have been hurt by it, since I did have my email set up with a different FROM address. My university has a screwy email system based on Lotus Notes. When I am working from home, I access my mail using a web-based client; it isn't too different from using Hotmail or Yahoo. But there is no way to configure the mail client to pop up if I am reading someone else's web page and click on their mailto link. I have to copy their address onto the clipboard, open the webpage for my email, and paste in the address. To avoid that hassle, I used Netscape mail to send mail in that sort of case. But if I am writing to a professor at another university about some professional (professorial?) business, I want to make it clear that I am a professor myself. Professors, and philosophy professors especially, get a lot of mail from cranks, so it is kind of important to have mail coming from an .edu domain. So that is how I set Netscape mail up; it is convenient for me to use, and it gives my mail some initial credibility (until they actually read the content, and realize that I am a crank too, albeit one with a job). Surely there is nothing illegitimate about this? And surely it is a little unreasonable to suggest that I ought to set up a Linux box? Were I still with Verizon, I think that I would be very unhappy about their policy, unless it was shown to make a real difference in the war on spam. | |
| | | | | Re: Verizon's is actually the more-sensible approach OK, so you're using Netscape Messenger. How difficult is it to click Edit -> Preferences -> Mail & Newsgroups -> Identity and then fill in the following two fields:
Email address: drdaleemiller@verizon.net
Reply-To address: drdaleemiller@myuniversity.edu
I don't quite understand that this would lack any "professionalism". It does have the annoying side-effect of making it more obvious that your ISP is Verizon, something a lot of us would prefer to hide (and you voted against with your wallet , but that fact can be seen in the Received headers of your outbound mail anyway. | |
| | | | sadowskiI Am My Own DoppelgangerPremium,MVM
join:2000-04-14
Buffalo, NY | Re: Verizon's is actually the more-sensible approach said by richb01803:
I don't quite understand that this would lack any "professionalism".
Because Me@MySmallBusiness.com would not show in the Sender field of my client's mail reader. What's more, not every mail client will default to using the Reply-To address. Some will prompt and say use reply-to instead of...? There's more than I can think of too but there's no need to get into it here. My example should be enough. | |
| | | | dimdem
join:2000-06-17
Norfolk, VA | said by richb01803:
OK, so you're using Netscape Messenger. How difficult is it to click Edit -> Preferences -> Mail & Newsgroups -> Identity and then fill in the following two fields:
Email address: drdaleemiller@verizon.net
Reply-To address: drdaleemiller@myuniversity.edu
I don't quite understand that this would lack any "professionalism". It does have the annoying side-effect of making it more obvious that your ISP is Verizon, something a lot of us would prefer to hide (and you voted against with your wallet , but that fact can be seen in the Received headers of your outbound mail anyway.
It isn't hard at all. But aren't I right to think that this would make it clear that my email did not come from my university account, even though their reply would go there? They would see verizon.net first, right? That is, for me, a (small, I don't want to overblow this) problem. I know that I am going to look differently at email that comes from an .edu address than from a .net address, and I expect that most other people in my position would do the same. I'll assume that someone writing from an .edu domain is someone with a certain level of competence, since they were able to get a job in a very tight market, and someone with something potentially interesting/important to say; I'll be more skeptical about some message that looks to be on an academic subject but comes from somewhere else. I will read .edu mail more quickly and in a different frame of mind than a message from yahoo.com or verizon.net. Now look, obviously this is a subtle difference. It is not like I only read .edu mail, or base my judgment of a message's content solely on the domain whence it originated (it is also not like I commonly say 'whence'). And maybe my professional messages would all be received the same way even if they came from verizon.net. But if I am asking someone for a favor, or trying to convince them of something, I'd like to have them in the best frame of mind from the start.
But look, I hate spam as much as anyone. If what Verizon is doing is really a very effective way of fighting spam, then I would (if I were still a Verizon customer) be willing to put up with it.
Dale | |
| | | | | sadowskiI Am My Own DoppelgangerPremium,MVM
join:2000-04-14
Buffalo, NY | Re: Verizon's is actually the more-sensible approach said by drdaleemiller:
But aren't I right to think that this would make it clear that my email did not come from my university account, even though their reply would go there? They would see verizon.net first, right?
Yes, but more than that, if you were subscribed to any lists from @wherever.edu you could not participate in that list from your Verizon account anymore since most lists validate by by the From: field. That could be a very real problem for people who have their own domains without a corresponding email account somewhere since unless they unsub now, after the 12th, they won't be able to send comments or commands to the list using Verizon servers. | |
|
| | | dru
join:2000-09-14
Corona, CA | While the email may get to the right place with this scheme, there are many situations where this approach is simply unacceptable.
Some may be in a business where they do not care, but for many people it's important. When I work out of my home at night or weekends, I use Adelphia cable access because I can't get DSL where I live, but I work for an independent DSL ISP. I really do NOT want official corporate communications to have a "from myusername@adelphia.net" or any other ISP appearing in the recipients "from" column and for what should be obvious reasons.
Adelphia rotates the dynamic/DHCP leases now among 5 Class C subnets, so I can not incorporate my IP address in the relay config of the corporate server without opening the server to too many other people.
I know it's unfair, but I tend to think less of a bandwidth salesman from XO extolling his companies virtues, yet the email originates from an @aol.com or @earthlink.net address. What, you don't even use your company's product? And sometimes it becomes a bit confusing. I've had a partner or department manager claiming "hey, I received this solicitation from verizon" but when I take the time to read the entire signature line, I realize the sender represents a different company.
Of course, it's Verizon's right to do what they please as a business decision. But I agree with Justin, if they are attempting to combat spam this is a lame, and unnecessary move. Blocking port 25 remains the only effective measure, and it's probably only really necessary on dynamic accounts; mail logs along with radius logs can pinpoint errant spammers who relay off the ISP servers.
Of course, port-25 blocks thwart the die-hards who want to operate their own SMTP server. But soon, running your own without explicit hosting arrangements with the ISP may be difficult. Many ISP mail servers are now refusing connections to SMTP servers that do not match forward and reverse DNS, or don't identify themselves what is resolved as the reverse. This is EXTREMELY effective in tripping up spam proliferation programs using outsources dialup connections and such. I believe ELNK has adopted this. So if your server identifies it self as mail.yourdomain.com but your IP reverses as dslcust-NYC3-12345.verizon.net then they won't accept it.
Bottom line, the "I deliver it directly to the recipients mail server" will soon not be a viable option either. | |
|
Reviews:
·Optimum Online
·Verizon Online DSL
| They did this a long time ago already EarthLink already started blocking port 25 a long time ago with their dial up accounts, really a pain in the as* when hosting a SMTP server that only accepts connections on port 25.
--
OMARNYC.COM - My place on the web - »www.omarnyc.com | |
| htin11
join:2000-08-10
Flushing, NY Reviews:
·Verizon FiOS
|  Verizon 'spam control'
as they say, one bad apples ruins the whole bunch...you shouldn't be mad at verizon, you should be mad at people who abused the mail servers.
It's like my road runner, i'm capped at 300 upstream due to people who ran servers and was sucking up everyone's bandwidth. that's why they cap everyone. Same thing here. | |
| |
See 7 replies to this post | |
| verizon takes leave of its senses i sent this to tech columnist rob pegoraro at the washington post in order induce him to embarrass verizon in public:
rob-
you might like to ask some verizon PR flacks how much their bosses have been drinking. allegedly as an anti-spam maneuver, verizon says that on 7/12 it is going to restrict the contents of the email "sender" field for all its ISP customers. this will prevent those of us with more than
one email account from using reply addresses that go to our non-verizon accounts. it also prevents those businessmen and women and others with their own private domains from using bellatlantic.net bandwidth to receive mail addressed to the private domain. evidently their "thought" was, enforce reliable sender addresses to kill spam. only problem is,
the way their system works, they don't actually validate the return address. it only has to SAY verizon.net, it doesn't actually have to BE FROM verizon.net. spammers can still forge whatever they like in that field and go merrily on their way. i had a conversation friday with verizon tech support where the 1st level tech script kiddie said essentially (but not verbatim): "yes, we can't figure out why the executives mean that, because it's way stupid, but they assure us in meetings that they do. sure we understand
technically how they are going to go about it, but it is bound to be merely a hassle to legitimate customers and ineffective against big spammers. no, we don't have anything written on the subject beyond the email that was sent to you and to us. but they did brief us at the weekly meeting that this change in policy was going to happen. we will gladly tell our superiors that you object. not that it will make any
difference." because i have had service difficulties with verizon routers going out all the time, i have become acquainted with a couple of second level technicians, one a kind of case manager, the other the fixed IP specialist. i sent them this today just before writing the washington post:
> verizos-
> a discussion of verizon's lame new sender-address maneuvers, due 7/12,
> has begun in a private newsgroup of antispam activists at spamcop.net.
> you may find the below quote instructive, as it gives the view of people
> who have been fighting spam, successfully, for some time, and know the
> ins and outs of all the various technical steps ISPs might want or be
> able to take... if, as suggested below, you are extending the former
> unsuccessful gte policy to verizon as a whole, then you are indeed
> doomed to loss of customers... of course, you techies are powerless in
> this, but several of us do want you to forward this to the security
> honchos and any other vice presidents you can think of who might be able
> to stop this ill-conceived policy in its tracks... or many of your most
> experienced spam-fighters will be forced to learn how to spell "covad"
> real fast... unless you couple it with serious service level guarantees in trade for loss of flexibility...
> >currently the gte servers won't allow customers to use addresses other
> >than @gte and @verizon and whatever...
> >however, they will allow any spammer in the world to abuse their servers,
> >just so long as the spammer claims to have an address which is @gte...
> >using the easily forgable sender address to determine who can send email
> >through the server is dumb...
> >looks like they're extending this policy to verizon, which will
> >inconvenience their own customers, while allowing spammers to abuse their
> >servers... it's almost unbelievable how completely stupid and incompetent
> >they are...
[text was edited by author 2001-07-02 14:24:38] | |
| | | Block ports? Bleh Stay off my port 25 -- blocking outgoing connections is way more obnoxious than blocking arbitrary addresses from mail servers. I want a real connection to the net, not some filtered thing. What's next, blocking port 119 to prevent the use of 3rd party news-servers? Blocking port 21 to prevent piracy? Port 80 so you have to use an ISP-provided proxy? Might as well use AOL if they're going to do that. | |
| RARPSL
join:1999-12-08
Suffern, NY | Verizon does not follow own rules
OK, lets say I am currently connected to an ISP that has the same policy. Can I get to the Verizon SMTP Server so I can pass it my Verizon origin Email like they TELL ME to do for others? No way in [censored]. Their server rejects me since I am not on their network and they do not support SMTP AUTH (or POP before SMTP or POP XTND XMIT) to prove my right to use their SMTP Server like they want me to do for other ISPs [when using Verizon Connectivity].
They should have cleaned up their own house BEFORE implementing this farce. FIRST allow ALL Customers access to their Servers (with proper "I am your Customer" Validation when not using Verizon Connectivity) before telling them that they must use some other ISP's Servers for Non-Verizon mail. | |
| | | WHAT ??? Where did this information come from?
Subject:
New Anti-Spam Feature From Verizon Online
Date:
Wed, 27 Jun 2001 20:23:02 -0000
From:
Verizon Online
To:
customer@verizon.net
Dear Verizon Online Member,
We're excited to announce Spam Detector -- a new spam filtering
service available free of charge, which will help you limit the
amount of spam that enters your local mailbox. This service will be
available to you beginning the week of July 11. Here's more:
How does Spam Detector work?
Spam Detector uses a monitoring system that consists of "dummy"
e-mail accounts from many popular e-mail providers. Our team of
experts reviews messages received in these "dummy" accounts. They
then create a set of rules to define spam. Rules are constantly
adjusted based on the type of spam received in these dummy accounts
and through customer input. The rules are then applied to all
incoming @verizon.net accounts that are using the Spam Detector
service.
Do the spam experts read my private e-mail?
No. The experts are monitoring "dummy" e-mail accounts to create the
rules. These rules are applied to the Spam Detector server which
filters all Spam Detector users email. No one will need to read or
have access to your personal e-mail. | |
| | sadowskiI Am My Own DoppelgangerPremium,MVM
join:2000-04-14
Buffalo, NY | Re: WHAT ??? Where did this information come from? The email at question is below. It was sent only to those they detected using addresses with domains other than those listed. Since I may have only done this the day I signed up they must be doing a thorough job of it. The service in the email you posted appears to be by invitation only.
Dear Verizon Online Customer:
Our records indicate that you are sending e-mail from a domain that is something other than:
@banet.net
@bellatlantic.net
@verizon.net
@gte.net
As such, we want to alert you to a change in our e-mail systems that will affect your ability to send mail from your current domain.
Effective July 12, 2001, Verizon Online is implementing "domain verification". As a result of this change, you will not be able to send e-mail from that domain after July 12, 2001.
We recommend that you immediately check your e-mail settings and change your domain back to one of the three supported domains before July 12, 2001. For information on how to check and change you're e-mail domain, visit our Online Help.
»support.bellatlantic.net/members···?EMAILQ1
We apologize for the inconvenience, however, this change will allow us to limit the number of domains that can access our e-mail servers to aid in the reduction of SPAM.
If you require further assistance, you may visit Online Help at »support.bellatlantic.net/members···?EMAILQ1.
We value your business and appreciate your assistance.
Sincerely,
Verizon Online
| |
| | sporkmedrop the crantini and move it, sisterPremium,MVM
join:2000-07-01
Morristown, NJ | Sounds like they subscribed to Brightmail for incoming mail:
»www.brightmail.com/
Pretty ingenious system, but quite pricey... | |
| | | |
andek
join:2000-05-26
Coram, NY | Need i say more
another way for big brother to watch over us! | |
| torel
join:2000-01-27
Morrison, CO | From the DSL company point of view I'm in favor of DSL providers providing SMTP based upon IP address, regardless of ISP or domain and Port blocking is more sensible than domain blocking. Here is how it worked in the DSL world before the crash that took down my company Jato and others:
A company is using email through a dial-up ISP - their own domain or the ISP's. They may have more than one location including home and on the road. They can all use their email because the domain is hosted by their dial-up ISP and whatever rules applied before DSL were familiar and accepted by them.
The DSL company comes along and sells them a DSL line to their office. If their ISP has connections through the DSL company, the IP addresses are recognized and the customers still use mail without changing settings or any other problems. If, as was likely for my DSL company, the ISP didn't have a connection, the customer would have one ISP for their office and one for elsewhere. BIG PROBLEMS and their mail would now not work from the office!!!
The typical local ISP blocks SMTP mail from unknown IP addresses. Almost none use SMTP authentication, since that is more than the ISP's need. Their reaction was uniformly "You are supplying their IP address, you should be supplying their SMTP." That was their way to allow a dial-up customer use whatever account/domain they wanted and send mail through the ISP's mail server.
I agreed with that, but I couldn't pursuade my bosses (who refused to speak to the customers themselves) to open up our mail servers to our IP addresses. The bosses were of the opinion that whoever was supplying email to them should provide their SMTP - if they wanted they could switch over to our email entirely. It makes theoretical sense, but that would entail the customer's ISP changing their anti-SPAM protections, which none would do. Since we outsourced our email for $2/mailbox and provided five for free to customers, we also lost money forcing customers to bring their email to us. It was putting the customer in the middle of a battle between their dial-up ISP and Jato and they were the ones suffering without SMTP service.
It also meant spending hours explaining to customers why their email they had been using so reliably now wouldn't work, switching DNS and customer email settings, including often forcing them to change their email address @theirISP.com since our authentication checked their "From" domain, it killed several deals when we had to charge customers for mailboxes they used to receive for free, and it gave our company a black eye for having promised no problems and then killing their office email for days.
The final straw happened when Jato stopped service. Customers who had brought their domains and email to Jato were now stuck - the outsource vendor continued email, but at a price. If the ISP supplying the IP address is the one that provides SMTP service, the customer is up and running as soon as they get an IP. If the ISP insists on screwing with domains, problems happen and everyone suffers. | |
| Anon
| Not in the West I've been on Verizon West's Network and Port 25 has been enabled since the get go. The "from" field exception is only monitored if you use the smtp gateway given to residential dsl customers. Business Dsl customer may use another ISP or use the managed mail services or web hosting mail server. Of course, Verizon can not control another ISP's rules concerning their smtp gateway.
Verizon west blocks port 25 with Dial-up access only.
[text was edited by author 2001-07-05 12:13:13] | |
| | Anon | About Time | |
| | | It's time to make spamming CRIMINAL. What Verizon is trying to do is wonderful, but are they accomplishing this?
This means that every member must use their Verizon email address when sending ANY mail. This means that if a person uses Hotmail, Mail.Com, or any other third party vendor to use as a reply address on it's mailings, it can no longer do this. For me, I don't use my phone co. ISP email address, but I use mail.com and forward all replies from mail.com to Qwest.Net. But the emailings out say Mail.Com and not Qwest.Net.
What this does is restrict the efforts of the many good people because of a few bad people.
Spamming is wrong. Personally, I think it is about time we provide nationwide criminal sanctions for spam. Unless the spammer has specific written authorization the mass email cannot be sent out.
Maybe a year in jail or so would teach most of these con artists to knock this off. Do you know how much time I waste with these messages?
In reality, most spammers of UCErs (Unsolicited Commercial Email) are simply con-artists, people that cannot keep (or refuse to keep) a real job, convicted felons, and/or child molesters (or future child molesters). Instead they sit in their house all day, trapped on their computer and devise and send these things on wasteful products or pornography.
It is time that Congress act to stop this. I know it won't stop completely, but it will keep some low-life people from getting into the business.
My take. It is time that President Bush and Congress do something constructive rather than sit around and take pot shots at each other. | |
| | | | Re: It's time to make spamming CRIMINAL. | |
|
| | The Truth be known Actually on Verizon Biz accounts simple DNS hosting is still available for customers wanting to host their own web\mail servers. They are not and will never be blocking port 25 to my knowledge. With their Biz accounts this is a free service. Web-hosting is another story though. As far as changing their consumer e-mail policy this was just to stop relaying, or potential spam. If it was your mail server would you want thousands of junk e-mail blocking up your servers? I think you would see it a little differently if you were the one working on it or paying for it's upkeep to handle that. I personally run my own web/e-mail server, and get continual bombardment from people trying to access my SMTP ports, think of how many hits a server on that kind of channel would get. | |
|
| |
|
