| ac on 21 Oct 2016 13:33:52 -0700 |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
| Re: [PLUG] spamassassin help: create a rule to score by sender TLD |
I think I need to break it down for you some more.... What you are advocating is a 'closed" Internet. An Internet where the "receivers" decide what they will be receiving But You completely miss the point of the Internet. It is not a "one way" street Your receivers may decide to not receive my emails asd my address is @me If I then decide to also stop receiving your crap, what is the result? On Fri, 21 Oct 2016 16:26:10 -0400 Rich Kulawiec <rsk@gsp.org> wrote: > On Fri, Oct 21, 2016 at 08:33:49PM +0200, ac wrote: > > Where in truth, you do not even consider for a second that you may > > actually be wrong. > > Apparently you missed the lengthy explanation of why it's important > to make (the inevitable) mistakes in a way that facilitates their > correction, and the notes about performing due diligence with log > files. > > > On the Internet and as far as abuse, ddos and bots go, we use all > > network layers, sometimes null routing /8 for a period - long before > > they even hit any border or puny email server > > I'm aware. I've been advocating defense-in-depth tactics, starting > at the network perimeter, for a very long time. I've lost count of > the number of times I've told folks to use the Spamhaus DROP (and now, > EDROP) lists at the perimeter, or advised null-routing hijacked > networks, or pointed folks at BCP 38, or or or. > > And part of that is not accepting any traffic that you don't have to, > because every possible outcome of that is bad for you and good for > abusers and attackers. > > Go look at today's discussion on NANOG about the DDoS. Really. Go > read it. It's quite instructive. And then realize that it's > possible because way too many people have way too many systems > running way too many services in default-permit mode, and that allows > them to be weaponized against third parties. Yeah, some of that > would still happen even if they had the professional diligence to > lock everything down as tightly as possible, but it might cut things > down to a dull roar. It might give the targets a fighting chance. > It would certainly be an improvement. > > But unfortunately, that hasn't happened yet. Too many people are > running systems like it's still 1986. I wish it were (in the sense > of mutual cooperation) but it's not, and we're not going back. > Everyone should be doing detailed analysis of their operational > requirements and permitting only the minimum necessary. That applies > not just to SMTP but to SSH, HTTP, and every other service/protocol > in play. > > ---rsk > > ___________________________________________________________________________ > Philadelphia Linux Users Group -- > http://www.phillylinux.org Announcements - > http://lists.phillylinux.org/mailman/listinfo/plug-announce General > Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug