This is going to get WAY off topic, so I have replied to Jethro off list.
-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]] On Behalf Of Jethro R Binks
Sent: 14 March 2007 13:58
To: [log in to unmask]
Subject: Re: [data-protection] ISPA and SPAM (poss OT?)
On Wed, 14 Mar 2007, Tim Trent wrote:
> I picked up the snippet about ISPA making submissions regarding SPAM
> to Parliament today. The ISPA press release is fine and factual.
> What surprised me was the idea from Trend Micro about blocking port 25
> which will allegedly cut spam at a stroke.
And it would, for a while at least. The academic community has been doing
this for years, it is not a new idea. ISPs have always been extremely
reluctant to do it though.
> This looks to me like the same type pf knee jerk that got us "Corporate
TPS"
>
> Don't get me wrong. I hate Spam. But I hate ideas that do not
> address the real problem, too.
It is not a knee-jerk idea, it has been implemented widely and successfully
for years in the academic community, so it is not a new idea.
Just one that ISPs have always been extremely reluctant to implement. In
the meantime, broadband has come along, and the capacity of compromised
end-user computers at home to send spam has increased many times over,
exacerbating the whole problem.
Blocking port 25 is one of a number of steps that could be taken, each with
their own benefits and downsides. By getting rid of port 25 access to
arbitrary mail servers from end-user networks, and mandating use of
authenticated mail submission services (which operate on another port), you
force people sending mail to authenticate and 'prove' who they are, and
maybe have some control over who they claim to send mail from. This means
that, if nothing else, you can identify whose account was used for a spam
run, should it happen that way. The responsibility for the dealing with the
emission of spam into the Internet is shifted from some transit agent (the
ISP) to the organisation who provide the authentication service, and so
presumably have some real-world tie to the responsible user. This might be
an ISP contract, a contract of employment, or something else. But the point
is you know whose account is responsible, and a responsible organisation can
then deal accordingly.
Quoting the article: "But blocking port 25, the way, for example Now!
Wireless Broadband does simply aggravates users who work form home and need
to log in to the office's mail server to send mail, or who have multiple
legitimate mail servers to which they need to go in order to send their
email correctly."
The office mail server, and 'legitimate mail servers' should be offering a
secure authenticated interface for email submission (ie, for allowing 'their
own known users' to send email to arbitrary destinations). That is a
service provided on a different port, and authentication is (supposedly)
mandatory.
In your case, Tim, having read your blog article, your Marketing Improvement
mail server should be configured to listen on the other port, and request
authentication before mail can be sent through it on that port. And it
shouldn't care whether you are "in the office" (ie, on the network local to
the mail server), or "at home" (ie, somewhere out on the internet). You
never need to change your SMTP mail server setting, as you can access it
from both places, no need to reconfigure as you move around.
As it happens, many spam engines are already aware of port 25 blocking, and
some will interrogate mail client software on a compromised computer to find
out where to send mail, and which username and password to use to send it
(as users normally store these details in the application, contrary to best
security practice). So it isn't a golden bullet, but it would help knock
the noddy spammers out of the race for a good while.
Yes this really is quite off-topic ...
Jethro.
>
>
>
> Tim Trent - Consultant
> Direct: +44(0)1344 392644 Mobile:+44(0)7710 126618 Personal blog:
> <http://timtrent.blogspot.com/> http://timtrent.blogspot.com/ See also
> <http://complianceandprivacy.com/> http://complianceandprivacy.com
>
> email: <blocked::mailto:[log in to unmask]>
> [log in to unmask]
> Marketing Improvement Limited, Abbey House, Grenville Place,
> Bracknell, United Kingdom, RG12 1BP
> <blocked::http://www.marketingimprovement.com/>
> http://www.marketingimprovement.com
>
>
>
>
>
> Important: This message is private and confidential. If you have
> received this message in error, please notify us and remove it from
> your system. This email and any attachment(s) are believed to be
> virus-free, but it is the responsibility of the recipient to make all
> the necessary virus checks. This email and any attachments to it are
> copyright of Marketing Improvement Limited unless otherwise stated.
> Their copying, transmission, reproduction in whole or in part may only
> be undertaken with the express permission, in writing, of Marketing
> Improvement Limited. Marketing Improvement Limited is registered in
> England No. 4283972. Registered Office: 643 Watford Way, London NW7 3JR
and its VAT number is GB798 2065 86.
>
>
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> All archives of messages are stored permanently and are
> available to the world wide web community at large at
> http://www.jiscmail.ac.uk/lists/data-protection.html
> If you wish to leave this list please send the command
> leave data-protection to [log in to unmask] All user
> commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
> Any queries about sending or receiving messages please send to the list
owner
> [log in to unmask]
> Full help Desk - please email [log in to unmask] describing your
needs
> To receive these emails in HTML format send the command:
> SET data-protection HTML to [log in to unmask]
> (all commands go to [log in to unmask] not the list please)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
>
>
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Jethro R Binks
Computing Officer, IT Services
University Of Strathclyde, Glasgow, UK
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask] All user commands
can be found at http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving messages please send to the list
owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your
needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving messages please send to the list owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|