IP address reputation, BorderWare

Res res at ausics.net
Thu Mar 29 03:22:12 CEST 2007

On Mon, 26 Mar 2007, Rick Chadderdon wrote:

> You apparently missed the disclaimer I put in there explaining that I was 
> referring to the indirect effect on *me* from the use of *Kevin's* bandwidth. 
> It's easy enough to miss points I'm making the way I ramble, but still, it 
> was in there.  Again, for clarity: received spam is obviously a problem for 
> the receiver's bandwidth.  *Your* received spam is *not* obviously a problem 
> for *my* bandwidth.  And as such, I have little reason to enjoy your 
> increased use of my resources to deflect some of the use of yours.

The fact remains you accept these risks if you run a public mail server, 
just like greylisting. I dont like it, I disagree with i5, it causes more 
problems for me and my staff then whats its worth by others using it, 
however, I accept many do it, I'd rather the resources of my mail servers 
not be taken up with constant retries because of that crud, but it goes 
on, I live with it,k you will have to live with it.

>> thats a rather irresponsible attitude.
> Note that I said, "as a consumer".  Why do you think it's "irresponsible" for 
> a consumer to fail to care about things that do not affect them in any 
> perceivable way?  The dollar per bit bandwidth costs of most consumers has

See below

> You have multi-gigabit bandwidth at home?  Impressive, and...  well, I don't

No, I look at it for my companies point of view,  however, if a HOME 
USER wishes to have an exposed smtp server, then they must accept and 
expect the exact same risks as any national telco or corporation that 

> idea what percentage of your total bandwidth is consumed by mail, what 
> percentage by filesharing, web surfing, etc.  Care to share?  My mail flow 
> consumes less than 10% of the total, even including spam, in case you want to 
> compare.

p2p would be less than 40% ( QoS ensures these file sharing leaching 
warez pups don't take away bandwith from genuine uses )
Mail servers about 15%, web 10% ftp 20%, streaming about 5%, 
everything else about 10% (though big brother season 7 is about to start here
in the next few weeks to streaming will likely skyrocket)

> As I said, the only bandwidth I waste is that of those who actually connect 
> to *me*.  You can feel free to blacklist, greylist or ignore anyone you want.

already covered above and earlier

> Case one:  You initiate the behavior, I respond by consuming your resources.

Thats ok, I think i can afford the couple hundred BYTES of conversation
packets :)
and if you run a 10mb link I doubt youd even know it was happening if you 
never looked in your logs.

> Case two:  A third party initiates the behavior.  You respond by consuming 
> *my* resources. 
> I see a big difference.  You, apparently, do not.  Hence we're unlikely to 
> ever agree.

We agree on that :)

>> Wrong, any carried out action to protect someones network by ensuring the 
>> inbound mail is from someone legitimate is a benefit to the receiver by 
>> helping reduce the chances of it being spam and hence wasteing more of 
>> their resources.
> Exactly what I said...  It is of benefit to you, the user of SAV, not to the

Thats correct, just like those who use greylisting, its of benefit to 
them, not me

>> You've just contradicted yourself :)
>> you are in essence saying deal with it, by not wanting someone to run a 
>> measure they think benefits them.
> No, I'm saying "don't run your measures against me when I'm not the one 
> spamming."  Don't try to force me to solve your problems when I'm not the one

same could be said about those using greylisting.

> and due to the way it was implemented there is no way that you can avoid it's 
> effects, or its drain on your time.  You don't *want* to do this thing.  Even

but its no drain on time, your analogies are flawed, as it doesnt require 
anyone to sit in the server room and watch it happening, its no worse then 
dns lookups, greylisting, etc etc etc


Let Novell know what you think of their back door deal with the devil.
Sign the petition today:   http://techp.org/p/1/

More information about the MailScanner mailing list