1 edit | Not to be pessimistic ... I've always thought the intent of the usual ISP prohibition against mail servers, web servers, etc. was not specifically to stop user servers, but to avoid the potential excessive bandwidth usage that such servers often cause. I doubt that any ISP cares if I have a webserver that gets 3 hits a day, or a mail server that handles 10 emails a day. I am satisfied with my current ISP's mail server, but I have thought about setting up my own in the past, when I used ISPs who did have poorly-maintained mail servers. Also, if a user operates their own mail server, it doesn't necessarily mean that it is business-related and that user should be paying for business-tier service.
It seems obvious to me that large ISPs (both cable and DSL) base their response primarily on cost, and anything which requires human intervention (such as an effective abuse department) gets a very low priority. As an earlier poster said, bandwidth usage costs the ISP real money, so they jump all over it. But a spam relay can send out lots of small emails, creating a nuisance for lots of other internet users, without necessarily tripping the bandwidth alarm. Until it does, the ISPs don't seem to care.
Yes, there are a huge number of naive, uneducated and/or lazy users. But I would think temporary loss of internet service would provide a good wakeup call. The ISP could simply send an email to the user identifying the problem and giving them 7 days to respond and to fix it. If the user hadn't responded and fixed it within that time period, they would lose their connection for a 7-day period (or whatever), and would be re-examined upon reconnect. Repeat offenders would be terminated after a 2nd or 3rd offense. Theoretically, the naive/lazy users would comply and the ISP wouldn't lose them as customers. The hard-core offenders (presumably a small percentage of the ISP's customers, but a large percentage of the nuisance to others) would end up being dropped. Not a perfect response, but a decent compromise. Of course, this would all require the ISP to maintain an effective abuse department, which seems unlikely.
You know, if you continually leave your keys in your car, and it is "borrowed" and used for a liquor store robbery, or a drug delivery, or is towed from a handicapped parking spot, it gets impounded or confiscated, even if you're just "naive" or lazy. Similarly, if someone leaves their home unlocked everytime they leave town, and it gets used as a part-time crackhouse or otherwise causes a nuisance in the neighborhood, they face potential legal problems. So it seems reasonable that a computer user should get their connection "impounded", at least temporarily, if it is used to cause a widespread nuisance to others.
Unfortunately, most ISPs will either do nothing, or overreact with the port 25 block because it's an "easier" (= cheaper) response ...
|
