Re: Verizon's is actually the more-sensible approach in

Re: Verizon's is actually the more-sensible approach in http://www.dslreports.com/forum/r1062305 en Sun, 06 Dec 2009 05:35:32 EDT Sun, 06 Dec 2009 05:35:32 EDT Re: Verizon's is actually the more-sensible approach http://www.dslreports.com/forum/remark,1077554 dru : While the email may get to the right place with this scheme, there are many situations where this approach is simply unacceptable.

Some may be in a business where they do not care, but for many people it's important. When I work out of my home at night or weekends, I use Adelphia cable access because I can't get DSL where I live, but I work for an independent DSL ISP. I really do NOT want official corporate communications to have a "from myusername@adelphia.net" or any other ISP appearing in the recipients "from" column and for what should be obvious reasons.

Adelphia rotates the dynamic/DHCP leases now among 5 Class C subnets, so I can not incorporate my IP address in the relay config of the corporate server without opening the server to too many other people.

I know it's unfair, but I tend to think less of a bandwidth salesman from XO extolling his companies virtues, yet the email originates from an @aol.com or @earthlink.net address. What, you don't even use your company's product? And sometimes it becomes a bit confusing. I've had a partner or department manager claiming "hey, I received this solicitation from verizon" but when I take the time to read the entire signature line, I realize the sender represents a different company.

Of course, it's Verizon's right to do what they please as a business decision. But I agree with Justin, if they are attempting to combat spam this is a lame, and unnecessary move. Blocking port 25 remains the only effective measure, and it's probably only really necessary on dynamic accounts; mail logs along with radius logs can pinpoint errant spammers who relay off the ISP servers.

Of course, port-25 blocks thwart the die-hards who want to operate their own SMTP server. But soon, running your own without explicit hosting arrangements with the ISP may be difficult. Many ISP mail servers are now refusing connections to SMTP servers that do not match forward and reverse DNS, or don't identify themselves what is resolved as the reverse. This is EXTREMELY effective in tripping up spam proliferation programs using outsources dialup connections and such. I believe ELNK has adopted this. So if your server identifies it self as mail.yourdomain.com but your IP reverses as dslcust-NYC3-12345.verizon.net then they won't accept it.

Bottom line, the "I deliver it directly to the recipients mail server" will soon not be a viable option either.]]> http://www.dslreports.com/forum/remark,1077554 Thu, 05 Jul 2001 16:49:56 EDT Re: Verizon's is actually the more-sensible approa http://www.dslreports.com/forum/remark,1076702 RARPSL :

said by tschmidt:
Paragraph 2. Lets say I have a large number of email accounts. The simplest configuration from a user's perspective is the use the SMTP server on the network I am physically connected to. It is possible to use the SMTP server provided by others.

WRONG. The simplest configuration is one where your SMTP Settings are independent of your current connectivity (ie: You always ASK for SMTP Server X for Persona X and SMTP Server Y for Persona Y and any Port25 Blocking will AUTOMATICALLY force direct you to the Connectivity Provider's SMTP Server which accepts ALL Email for relaying) . This is simple since it works no matter where you are coming in from AND no changes are needed in your Email Parms just because you are connecting from a different Connectivity Provider). You either use the SMTP Server you ask for (which may verify your authority via SMTP AUTH/POP-Before-SMTP/POP XTND SMTP) or have the SMTP Server Address ignored and are directed to a provided SMTP Server which will handle your Email NO MATTER what From or Reply-To address is provided.]]> http://www.dslreports.com/forum/remark,1076702 Thu, 05 Jul 2001 14:00:43 EDT Re: Verizon's is actually the more-sensible approach http://www.dslreports.com/forum/remark,1068489 sadowski :

said by drdaleemiller:
But aren't I right to think that this would make it clear that my email did not come from my university account, even though their reply would go there? They would see verizon.net first, right?

Yes, but more than that, if you were subscribed to any lists from @wherever.edu you could not participate in that list from your Verizon account anymore since most lists validate by by the From: field. That could be a very real problem for people who have their own domains without a corresponding email account somewhere since unless they unsub now, after the 12th, they won't be able to send comments or commands to the list using Verizon servers.]]> http://www.dslreports.com/forum/remark,1068489 Tue, 03 Jul 2001 16:48:37 EDT Re: Verizon's is actually the more-sensible approach http://www.dslreports.com/forum/remark,1067844 drdaleemille :

said by richb01803:
OK, so you're using Netscape Messenger. How difficult is it to click Edit -> Preferences -> Mail & Newsgroups -> Identity and then fill in the following two fields:

Email address: drdaleemiller@verizon.net
Reply-To address: drdaleemiller@myuniversity.edu

I don't quite understand that this would lack any "professionalism". It does have the annoying side-effect of making it more obvious that your ISP is Verizon, something a lot of us would prefer to hide (and you voted against with your wallet ;-), but that fact can be seen in the Received headers of your outbound mail anyway.

It isn't hard at all. But aren't I right to think that this would make it clear that my email did not come from my university account, even though their reply would go there? They would see verizon.net first, right? That is, for me, a (small, I don't want to overblow this) problem. I know that I am going to look differently at email that comes from an .edu address than from a .net address, and I expect that most other people in my position would do the same. I'll assume that someone writing from an .edu domain is someone with a certain level of competence, since they were able to get a job in a very tight market, and someone with something potentially interesting/important to say; I'll be more skeptical about some message that looks to be on an academic subject but comes from somewhere else. I will read .edu mail more quickly and in a different frame of mind than a message from yahoo.com or verizon.net. Now look, obviously this is a subtle difference. It is not like I only read .edu mail, or base my judgment of a message's content solely on the domain whence it originated (it is also not like I commonly say 'whence'). And maybe my professional messages would all be received the same way even if they came from verizon.net. But if I am asking someone for a favor, or trying to convince them of something, I'd like to have them in the best frame of mind from the start.

But look, I hate spam as much as anyone. If what Verizon is doing is really a very effective way of fighting spam, then I would (if I were still a Verizon customer) be willing to put up with it.

Dale]]> http://www.dslreports.com/forum/remark,1067844 Tue, 03 Jul 2001 14:16:51 EDT Re: Verizon's is actually the more-sensible approa http://www.dslreports.com/forum/remark,1067471 kjv : That's true, BUT your IP address/reverse DNS will show up in the header.

So, guess what.... YUP!!! You're spamming, and it can be proven, and therefore you can be disconnected from the VZ service.

Sorry... Nice try though.... Send much spam do ya? ;-)]]> http://www.dslreports.com/forum/remark,1067471 Tue, 03 Jul 2001 12:51:42 EDT Re: Verizon's is actually the more-sensible approach http://www.dslreports.com/forum/remark,1067357 sadowski :

said by rchandra:
As long as they leave my outbound TCP port 25 alone, that suits me (and I'm guessing you) just fine. ;) :)

Yeah, you and I will be fine but I am disturbed by what could be a trend. I don't know if you are familiar with the old ServTech out of Rochester (now owned by Verio) but they did their best to provide a good networking experience to even dialup users because they were a network supplier (till places like Kodak and others decided they could handle it on their own). Larger ISPs like AOL, MSN, Earthlink, Verizon, etc. have the power to really change the network experience by restricting services which most people will just live with because they don't know better or feel they can't do anything about. The ISPs can, or do have the power to make the expereince as bland as tv, as safe as tv or as simplified as USA Today. To me, the danger is in a gradual deterioration of the experience by picking away at small bits. (Shrug) That's what it's all about to me.

quote:

Maybe not directly, but indirectly it does. If/when it works, the market can be a very powerful force indeed.

My problem with that is that the masses don't always know. The Internet now, and eventualy networking generaly, is being marketed to the masses and they are not knowledgable enough or experienced enough to truly judge. Everybody's first car was great because they just didn't know better. :)

quote:

(born 7-Sep-1965).

You're just a kid! :) (5-12-56)

quote:
That's the one! Come to think of it, "The Man Show" would probably be pretty disgusting to many, but I don't watch that much...only the part that's on after something else I watch (used to be on after "South Park").

I prefer a good porn film. :)

quote:

BTW...I have to chuckle just about every time I pass by Southpark Ave., because almost every time, that theme starts running through my head. :) :) :)

For a number reasons, I cancelled my cable tv service and I shall miss SP (though I hear the full episodes are available on the network :))]]> http://www.dslreports.com/forum/remark,1067357 Tue, 03 Jul 2001 12:22:11 EDT Re: Verizon's is actually the more-sensible approach http://www.dslreports.com/forum/remark,1067177 rchandra :

said by sadowski:
(I'm not, however, suggestting that they are planning to pull mail service or charge extra for.)

As long as they leave my outbound TCP port 25 alone, that suits me (and I'm guessing you) just fine. ;) :)

said by sadowski:
quote:
If you and I (both Buffalo VZ subscribers) don't like their new SMTP policy, we can subscribe to Telerama for example instead.
But that's just more of that go back where you came from kind of thing. It doesn't address the approriateness of this kind of action.

Maybe not directly, but indirectly it does. If/when it works, the market can be a very powerful force indeed.

said by sadowski:
PBS has become very safe and very commercial oriented (in the sense that it has started pandering toward mass audience to facilitate donations). If you're old enough to remeber PBS in the seventies they were doing and showing original drama of substance, controversial political/social programs and science programming that had substance (not like what poor Nova has become now, or since they stopped buying Horizons and replacing the narration track with an American voice).

Nope, I wasn't too much of a PBS watcher back then. In the late sixties and early seventies, I was a "Sesame Street" and "Electric Company" viewer (born 7-Sep-1965).

said by sadowski:
quote:
I can think of a certain popular Comedy Central program that a lot of people think is quite objectionable (but I personally usually find hilarious).

I think show title "Everyone Loves Raymond" represents a lot TV marketing's mentality.

definitely.

said by sadowski:
Other than South Park...

That's the one! Come to think of it, "The Man Show" would probably be pretty disgusting to many, but I don't watch that much...only the part that's on after something else I watch (used to be on after "South Park").

BTW...I have to chuckle just about every time I pass by Southpark Ave., because almost every time, that theme starts running through my head. :) :) :)
--
Benjamin Franklin: Those who sacrifice freedom for a sense of security deserve neither.]]> http://www.dslreports.com/forum/remark,1067177 Tue, 03 Jul 2001 11:36:10 EDT Re: Verizon's is actually the more-sensible approach http://www.dslreports.com/forum/remark,1067102 sadowski :

said by richb01803:
I don't quite understand that this would lack any "professionalism".

Because Me@MySmallBusiness.com would not show in the Sender field of my client's mail reader. What's more, not every mail client will default to using the Reply-To address. Some will prompt and say use reply-to instead of...? There's more than I can think of too but there's no need to get into it here. My example should be enough.]]> http://www.dslreports.com/forum/remark,1067102 Tue, 03 Jul 2001 11:16:19 EDT Re: Verizon's is actually the more-sensible approach http://www.dslreports.com/forum/remark,1067075 sadowski :

said by rchandra:
I think traffic that has no business on the Internet (e.g., with an RFC1918 source IP address) should be filtered out.

Private addresses, I think? I have no problem with that. I have no problem with any filtering done on technical grounds, if it pertains to the actual technical limits of the network (vs. too many users using porn sites so we block them because it wastes our bandwidth - a psuedo-technical argument).

quote:
As far as VZ providing services...they do provide mail,

There is also language on their website that suggests that they are not contractualy obligated to do so. I posted it in the Verizon forum a while back. (I'm not, however, suggestting that they are planning to pull mail service or charge extra for.)

quote:
If you and I (both Buffalo VZ subscribers) don't like their new SMTP policy, we can subscribe to Telerama for example instead.

But that's just more of that go back where you came from kind of thing. It doesn't address the approriateness of this kind of action.

quote:
I don't get the analogy to commercial TV. There is plenty on commercial TV that could be deemed offensive. The alternative would be PBS I'm guessing?

PBS has become very safe and very commercial oriented (in the sense that it has started pandering toward mass audience to facilitate donations). If you're old enough to remeber PBS in the seventies they were doing and showing original drama of substance, controversial political/social programs and science programming that had substance (not like what poor Nova has become now, or since they stopped buying Horizons and replacing the narration track with an American voice). So, no, I don't see PBS as much of an alternative anymore. :)

quote:
If anything, I'd think that'd be more sanitized/cleaned than commercial TV. Also, if by "commercial TV" you would be willing to include satellite/cable programs, I can think of a certain popular Comedy Central program that a lot of people think is quite objectionable (but I personally usually find hilarious).

OK, my laziness. The commercial broadcast networks in which all is sanitized and made pallitable to some oddball marketers sensibility (or their distorted view of 'our' sensibilities) and where everything is faked and controlled for and by marketting. I think show title "Everyone Loves Raymond" represents a lot TV marketing's mentality.

Other than South Park and some of the old Sunday animation block (the transplated Duckman, Bob & Margaret, Dr. Katz) I don't know CC that well, but it is owned by MTV (isn't it?) which would make it an interesting study since MTV and the MTV Networks are pure marketing. :)]]> http://www.dslreports.com/forum/remark,1067075 Tue, 03 Jul 2001 11:08:16 EDT Re: Verizon's is actually the more-sensible approach http://www.dslreports.com/forum/remark,1066938 richb01803 : OK, so you're using Netscape Messenger. How difficult is it to click Edit -> Preferences -> Mail & Newsgroups -> Identity and then fill in the following two fields:

Email address: drdaleemiller@verizon.net
Reply-To address: drdaleemiller@myuniversity.edu

I don't quite understand that this would lack any "professionalism". It does have the annoying side-effect of making it more obvious that your ISP is Verizon, something a lot of us would prefer to hide (and you voted against with your wallet ;-), but that fact can be seen in the Received headers of your outbound mail anyway.]]> http://www.dslreports.com/forum/remark,1066938 Tue, 03 Jul 2001 10:24:32 EDT Re: Verizon's is actually the more-sensible approach http://www.dslreports.com/forum/remark,1066728 rchandra : I think you pretty much have this right, with an exception or two. I think traffic that has no business on the Internet (e.g., with an RFC1918 source IP address) should be filtered out. In this sense, ISPs have to cooperate to become the Internet police.

As far as VZ providing services...they do provide mail, and they hope that their pending change will win them more customers than they will lose. They appear to be playing the open market here. If you and I (both Buffalo VZ subscribers) don't like their new SMTP policy, we can subscribe to Telerama for example instead. I don't know of any out there, but there could be other hosting companies that would be willing to accept your mail, and if VZ start mangling tcp/25, also provide a VPN service so you can get at their [E]SMTP servers.

I don't get the analogy to commercial TV. There is plenty on commercial TV that could be deemed offensive. The alternative would be PBS I'm guessing? If anything, I'd think that'd be more sanitized/cleaned than commercial TV. Also, if by "commercial TV" you would be willing to include satellite/cable programs, I can think of a certain popular Comedy Central program that a lot of people think is quite objectionable (but I personally usually find hilarious).

(edit was to add anchor/link to RFC1918)
[text was edited by author 2001-07-03 11:20:58]]]> http://www.dslreports.com/forum/remark,1066728 Tue, 03 Jul 2001 09:16:01 EDT Re: Verizon's is actually the more-sensible approach http://www.dslreports.com/forum/remark,1066682 drdaleemille : I just missed being affected by this policy, since I just moved into an area not served by Verizon DSL and switched to @HOME. But I would have been hurt by it, since I did have my email set up with a different FROM address. My university has a screwy email system based on Lotus Notes. When I am working from home, I access my mail using a web-based client; it isn't too different from using Hotmail or Yahoo. But there is no way to configure the mail client to pop up if I am reading someone else's web page and click on their mailto link. I have to copy their address onto the clipboard, open the webpage for my email, and paste in the address. To avoid that hassle, I used Netscape mail to send mail in that sort of case. But if I am writing to a professor at another university about some professional (professorial?) business, I want to make it clear that I am a professor myself. Professors, and philosophy professors especially, get a lot of mail from cranks, so it is kind of important to have mail coming from an .edu domain. So that is how I set Netscape mail up; it is convenient for me to use, and it gives my mail some initial credibility (until they actually read the content, and realize that I am a crank too, albeit one with a job). Surely there is nothing illegitimate about this? And surely it is a little unreasonable to suggest that I ought to set up a Linux box? Were I still with Verizon, I think that I would be very unhappy about their policy, unless it was shown to make a real difference in the war on spam.]]> http://www.dslreports.com/forum/remark,1066682 Tue, 03 Jul 2001 08:56:25 EDT Re: Verizon's is actually the more-sensible approach http://www.dslreports.com/forum/remark,1066675 rchandra :

said by fhmiller:
The mail server we use at work requires the ip address be one of it's [sic] own for sending. Therefore we can't send through it from home. If we used Verizon for home dsl we couldn't send work mail.

That simply means you haven't set up a mail server that can do this. Go to the Verizon thread and read about the various schemes, the most popular being authenticate-then-email (POP then [E]SMTP). Also, it sounds like you haven't thought about setting up VPN connections (which would put your home computer or network in the IP address space of your company).

If you're not willing to do either of these, it's not VZ's fault, it's the fault of your company.
--
Those willing to sacrifice freedom for security deserve neither.]]> http://www.dslreports.com/forum/remark,1066675 Tue, 03 Jul 2001 08:54:40 EDT Re: Verizon's is actually the more-sensible approach http://www.dslreports.com/forum/remark,1066653 rchandra : Sorry, I just don't agree that this should be done. Yes, I would agree that some customers use their broadband connection poorly this way. The solution ought to be to make these ex-customers more liable than simply cancellation of their account; part of the ToS that must be accepted before service is turned up should be a statement of cleanup charges that will be imposed should they participate in such activity, and therefore it will be more than just not paying $20/month.

I want a clean IP pipe to the Internet, devoid of any packet filtering or redirection, except for dropping illegitimate packets (for example, those with an RFC1918 source IP address). If you're worried about John Q. Spammer using his BB connection for that, employ tcp/25 traffic shaping, and if the customer wants better tcp/25 bandwidth, provision the account as a business connection.
--
Those willing to sacrifice freedom for security deserve neither.]]> http://www.dslreports.com/forum/remark,1066653 Tue, 03 Jul 2001 08:44:57 EDT Re: Verizon's is actually the more-sensible approa http://www.dslreports.com/forum/remark,1065208 sporkme : Verizon's plan is a sham. It will not stop spam in the least.

Here's a list of "spamware". You'll find that all of it bypasses the spammer's mail server. This is what earthlink successfully stops, but what verizon is allowing people to do.

»www.spamhaus.org/rationale.html

Here's a snippet from one of the more popular pieces of spamware:

"How Desktop Direct Works
When you use your ISP's Mail Server - your mail goes through a lot before it actually reaches the recipient - after you press "send", your mail travels:

From your computer to your ISP's Mail Server
From your ISP's Mail Server to all of your recipients' ISP Mail Server
From your recipients' ISP Mail Server to their computers

When you use Desktop Direct - you bypass your ISP's Mail Server - so your mail only travels:

From your computer to your recipients' ISP Mail Server
From your recipient's ISP Mail Server to their computer

You will not be putting any additional "strain" on your ISP's Mail Servers or "abusing bandwidth" - your computer does the work!"

Again, VZ is doing nothing to protect against this method of spamming... What exactly is their logic? Will they be selling domain/mail hosting soon?]]> http://www.dslreports.com/forum/remark,1065208 Mon, 02 Jul 2001 22:01:17 EDT Re: Verizon's is actually the more-sensible approa http://www.dslreports.com/forum/remark,1063910 tschmidt : Richb01803

Paragraph 1 -- I agree

Paragraph 2. Lets say I have a large number of email accounts. The simplest configuration from a user's perspective is the use the SMTP server on the network I am physically connected to. It is possible to use the SMTP server provided by others. However, they are also concerned with spam and may have policies that make it difficult to connect. Also, if the network provider decides to block port 25 you are dead in the water.

Paragraph 3 That is one solution. We let our employees access mail that way. If that is what the company wants to do fine. But it should not be dictated by the carrier.

Paragraph 4 -- I think this is really the crux of the problem. What Verizon is doing forces customers to do more work while not having any effect on spam.]]> http://www.dslreports.com/forum/remark,1063910 Mon, 02 Jul 2001 17:20:56 EDT Re: Verizon's is actually the more-sensible approa http://www.dslreports.com/forum/remark,1063734 richb01803 :

said by sporkme:
...presumably because VZ seems to have issues keeping a simple mail server running 24/7/365).

This will likely affect more than ".00001%" of users. There's alot of folks out there that have personal domain names.

The main technical thrust of my argument is precisely that the average telco is incapable of running a "simple" mail server capable of billions of transactions daily. It's inconceivable that one would deliberately construct a company which covers 40% of the population of the USA, proposes to capture dominant market share of ISP services within that geographic footprint, and funnel all those users' email through a particular SMTP server. It's a scaling problem that no sane person would want to take upon themselves; even AOL, which has already scaled up to that level by building up teams of engineers who know email inside & out, has its bad days.

On the latter point: thus far the only legit scenario brought up here which Verizon's approach interferes with is the case of the telecommuter who configures an SMTP mail client (Outlook Express, Netscape, or Eudora) such that reply email goes to work rather than to a Verizon mail server. Are there any other cases? If not, then I have a simple response for Verizon mail users: configure your SMTP client to put an allowed domain in the From header, and put your office's email domain in the Reply-To header.

For road warriors who want to be able to connect into the office and send/receive mail via a variety of ISPs, the best solution is to set up a VPN tunnel into your office so you can use the exact same settings (including IP addresses) from the office LAN or from any remote ISP. (I hasten to add that my current employer is a VPN purveyor, and of course that none of my DSLR postings reflect the views of that employer.)

I do agree with those who have pointed out that Verizon's approach doesn't really go after the problem very effectively; spam still gets out, it just happens to be slightly more obvious where it came from.]]> http://www.dslreports.com/forum/remark,1063734 Mon, 02 Jul 2001 16:45:27 EDT Re: Verizon's is actually the more-sensible approa http://www.dslreports.com/forum/remark,1063409 sporkme :

said by richb01803:
Re-reading the summary on this, I can't see why one would disagree with Verizon's policy on this matter.

They aren't restricting users on their network from receiving mail from anyone. They are restricting users of Verizon's SMTP gateways from sending email which is tagged with a From address other than that email server itself.

That's eminently sensible.

If you want to use a domain name other than one of the Verizon domains, then you should set up your own mail server for outbond mail (a typical Linux box will do fine), and/or pick up your mail from some other site.

Verizon's policy will probably affect 0.0001% of legitimate mail users: if you've got your own domain name, you're in all likelihood not using Verizon's mail servers to receive your mail, so the impact will be to get you to pay attention to how your software is configured to send outbound email.

The Earthlink policy, on the other hand, is one I object to strenuously.

Actually, most ISP mail servers will NOT let you relay through them unless you are coming from that ISPs own netblock. This is pretty much industry standard, and that's how we do it. SMTP-AUTH is an option, but again, the support costs on getting people to set yet another doodad in Outlook are prohibitive. We've already had a few Verizon users call about this (they use us for mail, presumably because VZ seems to have issues keeping a simple mail server running 24/7/365).

This will likely affect more than ".00001%" of users. There's alot of folks out there that have personal domain names. Especially business users. And VZ is actively marketing to businesses.

As for Earthlink, it's the only sensible thing to do. 90%+ of spam I see is from dialups via "direct to MX". I applaud Earthlink for policing their userbase. I really have no problem with setting up a relay host. It's trivial, and Earthlink has a much better track record than other large ISPs with handling mail properly.

How do you propose an ISP with millions of users stops 'direct to MX' spam other than blocking port 25? Once the spam is sent, it's sent. Would you suggest they hire 50-60 people just to man the abuse desk and cancel violators AFTER the offense?

For smaller ISPs, it's easier, but when you buy commodity products, you should expect commodity service, IMHO.]]> http://www.dslreports.com/forum/remark,1063409 Mon, 02 Jul 2001 15:35:20 EDT Re: Verizon's is actually the more-sensible approach http://www.dslreports.com/forum/remark,1063119 spenster :

quote:
This forum itself is a way to send anonymous email: I get to express opinions here without having them directly traceable to my employer. That way I'm less inhibited, as are a number of the other regular contributors, so the issues are tackled much more directly.

Yes, this forum is a way to send anonymous email but the user has the choice whether or not they see the message using this method (either going to the site or not). Recipients of spam have no choice but to deal with the constant stream of unsolicited mail pouring into their computer.

As for your comment about a "re-think" of the internet's current method of mail delivery, that would be a great thing but what are users to do RIGHT NOW? Verizon customers that have their own domain names have been using the ISP's smtp server to send their mail because a lot of them do not want to set up their own mail servers and many of their hosts don't provide the ability to relay through their machines because of potential for abuse. Many hosting providers that I've seen simply provide pop3 mailboxes only. I know many people don't like Microsoft products but Exchange has the ability to restrict relaying via user authentication already as well as by ip. I personally prefer ip restrictions because it is too easy to impersonate a user not using secure password authentication due to the fact that user names and passwords for authentication are typically sent in plain text. Even if the ISP uses secure authentication, each and every user would have to use this configuration which means potential for more support calls due to incorrect client configurations. And not all clients support this method either. Bottom line is that for those who cannot send mail now, no matter how few, have a problem that will not be solved by a "re-think" of the current architecture. At least not soon enough for them of course. Many ISPs have attempted relay control via ip restrictions and for the most part it works. It's by no means a flawless process, but it does put a dent into the problem. 95% of the spam that has come across my inbox comes from mail servers that are open relays (no relay restrictions at all). I've verified many of them by sending messages to myself through their servers. If people running these servers would be kind enough to care about the rest of us on the net and close down these open relays, we'd see far fewer amounts of spam.]]> http://www.dslreports.com/forum/remark,1063119 Mon, 02 Jul 2001 14:37:13 EDT Re: Verizon's is actually the more-sensible approach http://www.dslreports.com/forum/remark,1062728 sadowski :

said by justin:
ISPs all have subscriber agreements

That's not the same as blocking service access. If the ISP doesn't want to enforce its rules it should either not make them or it should suffer the consequences of not enforcing them. Blocking services is not a reasoned response to laziness or ineptitude.

quote:
the discussion has gone off topic though

I don't think so. This is where these types of actions take us. What ISPs do have consequences and set trends too. These issues need to be addressed.]]> http://www.dslreports.com/forum/remark,1062728 Mon, 02 Jul 2001 12:54:38 EDT Re: Verizon's is actually the more-sensible approach http://www.dslreports.com/forum/remark,1062709 Network Guy : Amen.]]> http://www.dslreports.com/forum/remark,1062709 Mon, 02 Jul 2001 12:49:13 EDT Re: Verizon's is actually the more-sensible approach http://www.dslreports.com/forum/remark,1062705 sadowski :

said by htin11:
as they say, go somewhere if you don't like what they offer.

Bring back slavery too then, eh?]]> http://www.dslreports.com/forum/remark,1062705 Mon, 02 Jul 2001 12:47:59 EDT Re: Verizon's is actually the more-sensible approach http://www.dslreports.com/forum/remark,1062640 richb01803 : Well, maybe having the big ISPs implement really annoying restrictions will force the software companies to innovate and provide better email software.

Email's the #1 most popular application on the Internet, and it's been that way since the beginning.

Software vendors put their heads in the sand ages ago and decided that complying with a 20-year-old RFC with the likes of sendmail (world's buggiest program), Eudora and Outlook (world's least secure program) from now until eternity is a fine and acceptable state of affairs.

Well, I reiterate: email software as it stands today is "not well made". It's not up to the average 10-employee small business to come up with the answer to this problem; it's up to the well-heeled software vendors to do it. If not them, then perhaps the Linux freeware development community will take on this challenge (if for no other reason than to do an end run around SMTP port 25 when the ISPs gang up and block it).

I don't think the ISP managers are playing a good game of chess here. They'll bring worse problems on themselves by continuing these policies without also seeking long-term solutions in cooperation with the software development industry.]]> http://www.dslreports.com/forum/remark,1062640 Mon, 02 Jul 2001 12:33:33 EDT Re: Verizon's is actually the more-sensible approach http://www.dslreports.com/forum/remark,1062593 htin11 : actually read your TOS and your agreement, if the agreement say you can't run a server, then you can't do anything bout it...cuz it says DO NOT run a server...same thing with my road runner TOS. Thus you agreed upon not to run a server with the ISP...when you sign the contract or when you pay them. It all depend on the ISP...you choosed their services hence you are obligated by their runs...you don't have to pay them if you don't like their ways...as they say, go somewhere if you don't like what they offer.]]> http://www.dslreports.com/forum/remark,1062593 Mon, 02 Jul 2001 12:23:34 EDT Re: Verizon's is actually the more-sensible approach http://www.dslreports.com/forum/remark,1062565 justin : ISPs all have subscriber agreements than clearly set out the penalties for sending out unsolicited email. They are obliged to enforce those penalties.. if they can't and won't enforce them, it would be a PR nightmare for them as a company, and subsequently a serious legal problem, as spammers (and criminal activity) flocked to the ISP that just provided an IP and didn't care what you use it for.

the discussion has gone off topic though - Verizon is trying to stop spam in a technically naive way.. that both hinders those with legitmate needs for their own domain name, yet does little to stop spam originating from their network.]]> http://www.dslreports.com/forum/remark,1062565 Mon, 02 Jul 2001 12:17:35 EDT Re: Verizon's is actually the more-sensible approach http://www.dslreports.com/forum/remark,1062557 dru : What do you mean by, "not well made"? Just what SMTP security protocol have you seen implemented and standardized upon that deals with this issue?

SMTP was standardized when the internet was a trusting, open place. That's the problem. IMAP4 addresses these issues, but not universally supported by all client programs.

Obviously, software that runs on individual corporate servers could and should restrict incoming SMTP mail to originating headers, like what Verizon is implementing. But many do not offer this, and I believe that there is an issue with the appearance of being "open relay" to the current detection algorithms employed by such systems as ORBS and MAPS. So you still have to restrict via IP address, and this is difficult if you have traveling employees or those using dialup or dynamic IP service.

As for "not well made" commercial offerings including those from Microsoft, Eudora, and others do not provide many SMTP security features other than restriction by IP address. When asked, they claim such reasons as "RFC blah blah compliance" which of course means to be a fully compatible piece of software it has to interoperate with mail clients that hail from the days of Windows 3.1 Of course ISPs with the talent can modify and recompile smtp software to meet their needs, but the average small business doesn't possess this type of talent.

The biggest problem we have had recently is with business clients not intentionally abusing our servers or spamming themselves, but setting up servers for their own use but leaving them open to mail relay (the default configuration, out of the box for many server programs) and with the plethora of scanners and bots used by spammers to find open relays, they are discovered and exploited within a few hours.]]> http://www.dslreports.com/forum/remark,1062557 Mon, 02 Jul 2001 12:14:40 EDT Re: Verizon's is actually the more-sensible approach http://www.dslreports.com/forum/remark,1062462 sadowski : I don't want my ISP filtering anything. If I want to run my own servers then I should be able to. If I want talk to any other server I should be able to. If UCE and Bulk mail is a blight, then the spammers should be dealt with legaly on the level of their businesses, as well as servers set for customer (authorized) use only. I don't want an ISP deciding what is a "blight" such as adult content, political discussion, or even spam. Not to mention that we ALL KNOW that money will buy exceptions to all this filtering.

It's the ultimate hypocrisy to say that filtering (effective or otherwise) of what I don't like (spam) is OK but otherwise it's not.

I'm truly sick of hearing how ISPs should be turned into Internet police. The ISP should do nothing but provide connectivity and basic services to customers. If it doesn't want to provide basic services, such as mail and news, then it should not block those service either.

I suggest any of you really wanting such a bland and safe Internet stick to watching commercial television where you can be as safe and ignorant of anything potentialy offensive as you like.]]> http://www.dslreports.com/forum/remark,1062462 Mon, 02 Jul 2001 11:41:15 EDT Re: Verizon's is actually the more-sensible approach http://www.dslreports.com/forum/remark,1062371 richb01803 : Why is that? Why can't your office email server be set up to relay your email?

Software which attempts to restrict access based on an IP address isn't well-made. It should have some other means of getting you to prove who you are.

However, I will grant you the point that today's email software has a lot of limitations which force folks to come up with all these bizarre kludges.

I don't think it's possible to barricate the 'net against spam so long as we're all merely trying to jam our pinky fingers in the dike.]]> http://www.dslreports.com/forum/remark,1062371 Mon, 02 Jul 2001 11:13:13 EDT Re: Verizon's is actually the more-sensible approach http://www.dslreports.com/forum/remark,1062348 richb01803 :

said by Justin:
Sending email with no accountability is a blight on the internet.

Well, I certainly can understand your position on this, but I think that there isn't any way to address the spam problem without a global re-think of email architecture.

Some form of authentication handshake will need to be implemented between mail servers, and between mail clients and mail relays, in order to address the spam problem once and for all.

I believe most people want two things:

(1) Email whose source can be verified; and
(2) The ability to send anonymous email as needed.

This forum itself is a way to send anonymous email: I get to express opinions here without having them directly traceable to my employer. That way I'm less inhibited, as are a number of the other regular contributors, so the issues are tackled much more directly.

But when setting up a personal mailbox, we tend to prefer that the source of incoming email can be verified--and blocked or stopped at the source if it's annoying or invasive.

I don't think ISPs are in a position to do anything other than help fund the R&D it takes to implement software to make this happen. Tweaking policies which limit the usefulness of today's software isn't going to solve the overall problem.
[text was edited by author 2001-07-02 11:09:29]
]]> http://www.dslreports.com/forum/remark,1062348 Mon, 02 Jul 2001 11:08:25 EDT Re: Verizon's is actually the more-sensible approach http://www.dslreports.com/forum/remark,1062326 fhmiller5 : The person that said they cannot think of why someone would disagree, isn't thinking very hard.

We are a small office any many of us work from home using our various connections. The mail server we use at work requires the ip address be one of it's own for sending. Therefore we can't send through it from home. If we used Verizon for home dsl we couldn't send work mail.

Fred]]> http://www.dslreports.com/forum/remark,1062326 Mon, 02 Jul 2001 11:01:31 EDT Re: Verizon's is actually the more-sensible approach http://www.dslreports.com/forum/remark,1062305 justin : Sending email with no accountability is a blight on the internet.. Earthlinks policy is great, because (without the policy) customers can send out massive amounts of spam email within hours, with the penalty being (at worse) cancellation of their $20 a month account.. forcing it to go through the earthlink servers, which are provided for the purpose of delivering legitimate email, is perfectly reasonable, and allows flood control.
If you think the earthlink servers are unreliable, tell them to fix them, or move to another provider.
If you care about privacy, encrypt your email.

Verizon on the other hand is continuing to allow anyone with a windows spam utility to flood mailboxes, yet their action blocks (many) people who have their own vanity domain names.. for no gain. It is easy for verizon technically to drop subscribers who flood their mail servers.. (regardless of From address) yet this policy does nothing to stop direct mail spammers.. who are the real criminals.
[text was edited by author 2001-07-02 10:57:42]
]]> http://www.dslreports.com/forum/remark,1062305 Mon, 02 Jul 2001 10:56:27 EDT Re: Verizon's is actually the more-sensible approach http://www.dslreports.com/forum/remark,1062301 KoolMoe : As far as privacy concerns go, I have to agree that Earthlink's new policy kinda sucks. If they're going to force their users to send out only through their servers, then they should not have any privacy-compromising activities on those servers.
However, privacy concerns aside (say Carnivore is shutdown next month), then is this really that bad?
I run my own mailserver on a RTHM network, and for outgoing, I simply relay the email out to RTHM's mail server, which forwards it on to the world. No worries on my end and it works fine.
KM]]> http://www.dslreports.com/forum/remark,1062301 Mon, 02 Jul 2001 10:55:02 EDT Verizon's is actually the more-sensible approach http://www.dslreports.com/forum/remark,1062225 richb01803 : Re-reading the summary on this, I can't see why one would disagree with Verizon's policy on this matter.

They aren't restricting users on their network from receiving mail from anyone. They are restricting users of Verizon's SMTP gateways from sending email which is tagged with a From address other than that email server itself.

That's eminently sensible.

If you want to use a domain name other than one of the Verizon domains, then you should set up your own mail server for outbond mail (a typical Linux box will do fine), and/or pick up your mail from some other site.

Verizon's policy will probably affect 0.0001% of legitimate mail users: if you've got your own domain name, you're in all likelihood not using Verizon's mail servers to receive your mail, so the impact will be to get you to pay attention to how your software is configured to send outbound email.

The Earthlink policy, on the other hand, is one I object to strenuously.]]> http://www.dslreports.com/forum/remark,1062225 Mon, 02 Jul 2001 10:35:19 EDT