Major ISPs Publish Anti-Spam Best Practices
wayne writes "The ASTA, an alliance of major ISPs, has just published a set of best practices to help fight spam. The list of ISPs includes the likes of AOL, Yahoo, MSN/Hotmail, Earthlink and Comcast. The recommendations include such things as limiting port 25 use, rate limiting email, closing redirectors and open relays, and detecting zombies. For details, see the ASTA Statement of Intent (pdf) or any of the ISPs' antispam websites."
I don't want to sound pessimistic (Score:2, Insightful)
Best practices,... published? (Score:2, Insightful)
Balance (Score:2, Insightful)
limit port 25 (Score:4, Insightful)
They can limit outbound port 25 because I still can forward my email through their official smtp server. If they limit inbound port 25, it will suck big time.
Whatever... (Score:4, Insightful)
Re:Best practices,... published? (Score:5, Insightful)
How about "no more delayed bounces" (Score:5, Insightful)
Qmail, I'm looking at you. People who don't run something like LDAP on their secondary MXs, I'm looking at you.
I'm almost to the point of blocking the null sender from certain hosts, just because they are nothing but crap. I know all about the RFC (and rfc-ignorant.org), but they're causing a serious problem for the rest of the world.
The worst part is for people who run control panels like Plesk. They have to run qmail (no choice in the matter), and so they either become a delayed bounce source, or they enable the catchall and get to suck down all that mail. They can't win.
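An added model of the delayed-bounce problem this comment describes (not part of the original post, and not any MTA's real code): a backup MX with and without a recipient list. All addresses are constructed and the function names are hypothetical.

```python
from typing import List, NamedTuple, Optional, Set, Tuple

# Constructed sample data: the primary's real mailbox list.
PRIMARY_MAILBOXES = {"alice@example.org", "bob@example.org"}

class Envelope(NamedTuple):
    mail_from: str  # envelope sender; spam forges this freely
    rcpt_to: str

def primary_accepts(rcpt: str) -> bool:
    """The primary MX knows its mailboxes and refuses unknown ones in-session."""
    return rcpt.lower() in PRIMARY_MAILBOXES

def secondary_mx(env: Envelope,
                 recipient_list: Optional[Set[str]] = None
                 ) -> Tuple[str, List[Envelope]]:
    """Backup MX model: returns (SMTP reply to the client, bounces sent later)."""
    if recipient_list is not None:
        # List synced from the primary (LDAP, flat file, ...): refuse at RCPT time,
        # so the connecting client, not a third party, learns of the failure.
        if env.rcpt_to.lower() not in recipient_list:
            return "550 5.1.1 no such user", []
        return "250 queued", []
    # No list: accept everything, learn the truth only when relaying onward.
    if primary_accepts(env.rcpt_to):
        return "250 queued", []
    # The primary refused, so the secondary owns the failure and emits a DSN
    # from the null sender <> to whatever envelope sender was supplied.
    return "250 queued", [Envelope(mail_from="<>", rcpt_to=env.mail_from)]

def backscatter_victims(run: List[Envelope],
                        recipient_list: Optional[Set[str]] = None) -> List[str]:
    """Addresses that receive bounces for mail they never sent."""
    victims: List[str] = []
    for env in run:
        _, bounces = secondary_mx(env, recipient_list)
        victims += [b.rcpt_to for b in bounces]
    return victims

# Constructed spam run: one forged sender, guessed recipient names.
SPAM_RUN = [Envelope("victim@example.net", f"{name}@example.org")
            for name in ("alice", "sales", "info", "webmaster")]

if __name__ == "__main__":
    print("no recipient list  :", backscatter_victims(SPAM_RUN))
    print("with recipient list:", backscatter_victims(SPAM_RUN, PRIMARY_MAILBOXES))
```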
ISPs need to act (Score:5, Insightful)
But, of course, that might cost the ISPs money. So instead we get a "best practice" document which preaches to the converted and achieves nothing.
TWW
Re:Best practices,... published? (Score:3, Insightful)
but with a suspicious attachment or a spurious "click here if you don't want to receive such notices anymore".
I shudder to think how many people will fall for those evil tricks.
Re:Don't forget SPF (Score:3, Insightful)
Re:Best practices,... published? (Score:3, Insightful)
Re:Best practices,... published? (Score:5, Insightful)
Re:Best practices,... published? (Score:3, Insightful)
Re:Best practices,... published? (Score:4, Insightful)
Spammers always try to be one step ahead of the game. Just by keeping the best practices a *secret* wouldn't help to combat spam. It's the business model that needs to be attacked. Money is made somewhere and that is where we have to attack. Having said that, I think it's important we keep these fighting techniques open. A lot of people would benefit from it. Also, just like security, obscurity would be of no help.
Protect your own domain name (Score:5, Insightful)
Something that would really help is for these big companies to protect their own domain names by going after anyone who forges the headers as such. These days if someone isn't already in my whitelist they are probably going to get caught in my spam filters if they use any of these domain names.
Under most circumstances I think it is a bad thing for a company to throw lawyers at someone until there is nothing left but a smoking hole in the ground, but I think I would make an exception for spammers. These companies not only have the resources to make spamming unprofitable, but they have a valid, and vested interest to do so.
Penalties (Score:2, Insightful)
Re:I don't want to sound pessimistic (Score:3, Insightful)
This is a loose agreement by ISPs about what they need to do on their part to confront spam. These things would improve the situation, but ISPs are reluctant to implement them out of fear that the user will become angry with the tightened security problem and go to another ISP. And I am not talking about spammers, I am talking about everyday users who don't like to be told to patch their systems or get off the internet.
So what these guidelines do is provide a unified front - a lowest common denominator policy that all the ISPs are willing to implement. It will improve the situation somewhat, but will not be too noticeable by the user, and to the extent that it is they can't leave and go somewhere else because all the major ISPs will be doing it.
Re:Best practices,... published? (Score:1, Insightful)
They will adapt to any system you construct.
In theory, yes. In practice, given enough time, yes. But it usually takes quite a bit of time and it makes anti-spam filters better. How? Well, generally speaking, spammers have a standard set of tricks that they stick to. When a lot of people stop giving them the ability to use those tricks, they just try harder to find suckers that will.
For instance, formmail.pl is a traditionally vulnerable spamming hole. When it was fixed (and when NMS became popular), a hell of a lot of spamming opportunities were made unavailable. But spammers still try and find vulnerable versions, as there are always a few lurking out there.
If we reduce the suckers significantly, spammers not only go to more effort to find them, but the set of suckers they have to operate with is smaller (hence, easier to track down and blacklist).
When the number of suckers drops below a certain point, it's true that spammers do have to invent new tricks. But that is hard and expensive (at least compared with a spammer's usual workload). It may also be illegal, making it much easier to crack down on spammers. For instance, now that open relays are almost non-existent, spammers have been forced to pay programmers to write viruses/worms/etc for hosts to send through.
Re:Best practices,... published? (Score:2, Insightful)
Have you ever seen any GOOD spammer behavior?
Re:Mail admin here, my solution was port 26 (Score:5, Insightful)
Re:Related article on Reuters (Score:3, Insightful)
If they keep getting fined and/or booted by ISPs then yes it is reasonable to expect it. After all, our public highways are safer because we expect people to learn to use vehicles and to also properly maintain them mechanically. If you drive around with no brakes and cause an accident you will be held accountable.
What would you prefer? When you have idiots getting infected by viruses by actually entering a password to the encrypted zip attachment it means said user sorely needs some education about proper usage of the device in front of them. Since all the TV/Radio/Newspaper stories telling these same idiots not to open unannounced attachments don't seem to work then hitting them in the pocket book or removing them from the information highway entirely might be a better education method.
Really, the users are only stupid if you keep on letting them do the same old things without educating them, for those extra stupid you need more extreme training methods.
Re:Take what they say with a grain of salt (Score:2, Insightful)
Actually, pink contracts aren't even necessary for spammers anymore. With major providers like MCI/UUNet, who will only kick off spammers if they spam from their space, and the wide availability of compromised systems to use as relays, spammers can have completely bulletproof hosting from the largest backbone provider without negotiating special contracts.
Comment removed (Score:2, Insightful)
Re:Whatever... (Score:3, Insightful)
New net protocols have always displaced old protocols without requiring a new internet. Like Gopher (et al.), SMTP will soon fade away because it already doesn't work. At the current rate-of-increase of spam, allowing current SMTP email onto your network will soon become (if not has become already) the same as paying a gangster to DDoS your network.
You are wrong. (Score:3, Insightful)