IP address reputation, BorderWare
mailscanner at yeticomputers.com
Mon Mar 26 07:25:44 CEST 2007
>> Hardly. I've still seen nobody provide any evidence that any of this
>> insane spam bandwidth directly affects the experience *any* of us
>> have on the 'net.
> Really... more spam = higher data usage = more bandwith use =
> provision more bandwith to avoid whinging customers = more cost
You apparently missed the disclaimer I put in there explaining that I
was referring to the indirect effect on *me* from the use of *Kevin's*
bandwidth. It's easy enough to miss points I'm making the way I ramble,
but still, it was in there. Again, for clarity: received spam is
obviously a problem for the receiver's bandwidth. *Your* received spam
is *not* obviously a problem for *my* bandwidth. And as such, I have
little reason to enjoy your increased use of my resources to deflect
some of the use of yours.
>> important to any consumer. If I'm getting what I pay for, and the
>> price is one I'm willing to pay, as a consumer I *don't care* how
>> much of the bandwidth I'm *not* getting is being used by spammers.
>> In fact, to be fair,
> thats a rather irresponsible attitude.
Note that I said, "as a consumer". Why do you think it's
"irresponsible" for a consumer to fail to care about things that do not
affect them in any perceivable way? The dollar per bit bandwidth costs
of most consumers has been dropping steadily over the last decade, and
I'm pretty sure that's true worldwide. If it's not true where you are,
please feel free to correct me. I also don't see it as irresponsible to
not think that anyone else's problems justify them harassing me if I'm
*not the one causing (or even contributing to) their problem.* Keep in
mind that I didn't say that spam wasn't a problem (it is), or that it
didn't consume a lot of bandwidth (although as was implicitly pointed
out by Hugo, the amount of bandwidth consumed by filesharing probably
dwarfs the amount consumed by spam) or even that the receipt and
processing of spam doesn't require *providers* like us to increase our
bandwith expenses. I was stating that the consumer - the end user - has
no reason to care how much bandwidth spammers use if they don't
experience the effects of that spam in a way that the end user can perceive.
How do you define "irresponsible"?
>> At home, I was paying about five times what I currently pay for 10
>> megabits - just to get dual-channel DSL. (128K)
> 10mb? try multi gigabit here.
You have multi-gigabit bandwidth at home? Impressive, and... well, I
don't have a need for that much at home. If I did, it would be because
I worked far too much from there, I think. Still, I'm not sure what
relevance that has. Enlighten me?
My point was that bandwidth costs have been steadily dropping for nearly
as long as I've been in the business - which is a long time indeed. Not
that large providers don't need a lot of it. Nor that spam doesn't
increase that amount. I am curious though. With multi-gig consumption,
you must have some idea what percentage of your total bandwidth is
consumed by mail, what percentage by filesharing, web surfing, etc.
Care to share? My mail flow consumes less than 10% of the total, even
including spam, in case you want to compare.
>> I mentioned that I had some misgivings about greylisting. The most
>> important difference from a moral viewpoint is that greylisting only
>> affects people who are directly connecting to me, deliberately. SAV
>> affects people who never tried to mail me.
> right... now I see... you want to do it to waste others but get all
> hissy fitty when someone does a similar thing back, now I have no idea
> if you use greylisting now, but you could tomorrow be ordered to use it.
As I said, the only bandwidth I waste is that of those who actually
connect to *me*. You can feel free to blacklist, greylist or ignore
anyone you want. If it's me on the blacklist, if I deem it important to
communicate with you, I will work to comply with whatever needs you have
to make it possible - perhaps while trying to convince you of why my way
is better, but I'll work with you. When you do a lookup on *my* server
because *someone else* said they were me, you're not even trying to
communicate with me - you're expending my resources with no benefit to
me. And you didn't ask. As I've said several times in this thread,
however, it's not a resource problem, it's a moral problem. One about
Case one: You initiate the behavior, I respond by consuming your resources.
Case two: A third party initiates the behavior. You respond by
consuming *my* resources.
I see a big difference. You, apparently, do not. Hence we're unlikely
to ever agree.
>> None of my routers are named "core". :P
> when you have a couple dozen you tend to name them somthing that helps
> you rtmember whats what :)
No doubt. I only have three of any importance. The rest are just for
my own amusement. :)
>> there is no tangible benefit to *anyone* other than the user of SAV,
>> and he's
> Wrong, any carried out action to protect someones network by ensuring
> the inbound mail is from someone legitimate is a benefit to the
> receiver by helping reduce the chances of it being spam and hence
> wasteing more of their resources.
Exactly what I said... It is of benefit to you, the user of SAV, not to
the person you're hammering with your lookups. Unless you're being
pedantic and not including a benefit to your users as a benefit to you.
In which case I'll expand my statement to be: "The use of SAV if only
of benefit to those targeted by the spam being address verfied." I see
no material benefit to me from your use of SAV. And even if I did, I
would think it impolite that you did it without permission. I did *not*
send you that spam, and you have no non-selfish justfication for
pestering me about it.
>> with the rest of us, working to eliminate spam from our users lives -
>> instead of just telling them to "deal with it."
> You've just contradicted yourself :)
> you are in essence saying deal with it, by not wanting someone to run
> a measure they think benefits them.
No, I'm saying "don't run your measures against me when I'm not the one
spamming." Don't try to force me to solve your problems when I'm not
the one causing them. If you and I do not have a relationship of some
kind, it is not my responsibility (there's that word again) to even
*try* to solve your problems, although I will usually offer my time
freely *when asked*. When you just go ahead and take my help without
asking, I'm bound to be irritated.
Let's say that your neighborhood started a new crime watch program.
Let's say that it *required* you to spend an hour per month contributing
your time. You weren't asked. Several of your neighbors just started
doing this thing, and due to the way it was implemented there is no way
that you can avoid it's effects, or its drain on your time. You don't
*want* to do this thing. Even though you can see that this plan does
offer some benefit to the people who actually participate, you think
that it's intrusive to both you and your other neighbors, and you're not
willing to gain the benefits at the *moral* costs you perceive. While
it's possible for you to avoid the actual intrusive behavior itself, you
can *not* avoid spending time dealing with the way it has been
implemented. The practical effects of moving out of the neighborhood
are far too great to consider moving simply to avoid the hour of work
each month. The work required of you does not constitute a violation of
Now... Do you donate your time to this endeavor you disapprove of
without a word of protest? If you would, it goes against... well,
nearly all of the posts I've ever seen you make. :)
To make it even simpler, because it is not the amount of resources I'm
bitching about, but the moral choice itself, I'll offer a last
A fellow walks up to you and offers you this deal: "Neither you nor
anyone else you care about or provide services to will ever receive a
single piece of spam again if you go to this address and kill the
innocent person there." You believe (for whatever magical reason) that
he can deliver on his end of the bargain. Do you take the deal? Hm.
Your evil bunny status does make the answer less certain than I would
One of us should have changed the subject of this thread to something
regarding address verification a long time ago. Or ended it. :P
More information about the MailScanner