Comcast and SORBS

Don Levey lug at the-leveys.us
Mon Nov 29 16:40:48 EST 2004


discuss-bounces at blu.org wrote:

>
> On Wed, Nov 24, 2004 at 02:01:45PM -0500, Don Levey wrote:
>>> Most of the computers on comcast's networks which send out spam are
>>> compromised, working on the behalf of criminals.  I'm sure there is
>>> a solution here, but blocking EVERYBODY is the wrong one.
>>>
>> But you're NOT blocked - you can run your mailserver and smarthost
>> through Comcast's server.
>
> I /AM/ blocked.  It's the Comcast server, which I don't want to use,
> which isn't blocked.
>

No, YOU are not blocked.  Your SERVER is blocked from sending mail directly
to another machine.  However, you can relay of your ISP, which means that
your traffic still gets through.


>> You can receive mail directly.  You're not impeded at all, except in
>> those things which have the potential for severe abuse and are also
>> against the TOS.
>
> Punish people who commit abuse, not those who could...  Comcast has
> access to the MAC addresses of its clients.  They can provide access
> control on that basis.  They can block people who become offenders.

So each person gets one free bite of the spam pie?  How many millions of
spam messages can get sent out by a compromised PC on a cable modem before
the ISP actually cuts off access?  If past history is an indicator of future
performance, that lag tome can be nigh on three weeks.

> If they do this, there is no need for the rest of the world to reject
> mail from their entire net block.  There are other workable solutions
> that don't punnish the innocent.
>
That would be lovely.  Really.  If the ISPs would block outbound port 25
traffic from those who (from the ISP's point of view, in the contract)
shouldn't be sending port 25 traffic, then no-one else would need to block
them.  Would they?

>> This is not *THE* real solution, but it is part of the solution.  Or
>> do you seriously think that abusing, say, 80% of the network is not
>> worse than abusing 25%?  The rest of the solution may include making
>> sure that the remaining 25% becomes less spam-friendly.
>
> In fact, it makes no difference.  People who use spam-blocking
> technologies will not deliver the spam, whether or not their ISP
> blocks dynamic addresss.  Technologies like spam assassin do a good
> job of catching spam and getting rid of them.  There are workable
> solutions that don't punnish the innocent.  Those should be employed
> instead of net block blocking.  At absolute most, the net block should
> be used to increase the messages spam score -- NOT block it outright.

What you're advocating is pushing increased costs upon the backs of the
recipients, instead of the senders.  That's a fundemental difference in
philosophy, and it is unlikely either of us will change the other's mind on
this one.

 -Don




More information about the Discuss mailing list