Re: What to improve? BCP-38/SAC-004 anyone?

"John Levine" <johnl@taugh.com> Fri, 01 January 2016 21:49 UTC

Date: Fri, 01 Jan 2016 21:49:15 -0000
Message-ID: <20160101214915.6537.qmail@ary.lan>
From: John Levine <johnl@taugh.com>
To: ietf@ietf.org
Subject: Re: What to improve? BCP-38/SAC-004 anyone?
In-Reply-To: <000401d144cd$d522d7f0$7f6887d0$@huitema.net>
Archived-At: <http://mailarchive.ietf.org/arch/msg/ietf/QU1CB9zNqUVQev3XR7Mc6aNwMVw>
Cc: huitema@huitema.net

>I can think of only one example of such mandates actually being enforced -
>the fight against "open mail relays" a dozen years ago. The self-appointed
>Internet police, or vigilantes, detected SMTP relays that could forward
>spam, shamed them, and blacklisted them until they fixed their setup. The
>relay operators could fix their operation, or face customer complaints that
>their mail was being rejected. It was bitter, but there are very few open
>mail relays left operating now, so in a sense we could say that vigilantism
>did work. On the other hand, it is not like spam disappeared.

Actually, the biggest reason open relays went away is that popular
MTAs changed the default configuration to be closed.  The various open
relay testers, one of which I used to run, were mostly used by system
managers to check that their config was really closed.

The various blacklists had some effect and certainly provoked loud
self-righteous complaints, but they've all gone away (except of course
for John Gilmore) since people realize the operational benefits of not
allowing criminals to use their systems to send spam.

I'd hate to think that the relative volume of spoofed packets would
have to approach the relative volume of spam to get people to do
something about it.

R's,
John