Re: [fw-wiz] The home user problem returns

From: Mason Schmitt (mason_at_schmitt.ca)
Date: 09/13/05

Next message: Mason Schmitt: "Re: [fw-wiz] The home user problem returns"

Previous message: Brian Loe: "RE: [fw-wiz] The home user problem returns"
Maybe in reply to: mason_at_schmitt.ca: "[fw-wiz] The home user problem returns"
Next in thread: Brian Loe: "RE: [fw-wiz] The home user problem returns"
Reply: Brian Loe: "RE: [fw-wiz] The home user problem returns"
Reply: R. DuFresne: "Re: [fw-wiz] The home user problem returns"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: Brian Loe <knobdy@stjoelive.com>
Date: Mon, 12 Sep 2005 15:21:18 -0700

Brian Loe wrote:
>>While I think that user ed is still a critical piece to the
>>puzzle, I think that the way that we go about attempting to
>>educate needs to change. That's what I was trying to get
>>across in my last email. It takes one on one interaction with people.
>
>
> If Ed WANTS to learn, he'll learn. If Ed wants his porn, you're annoying
> him, go away.

That's completely true. No argument here at all.

> Why has spam control become the responsibility of the ISP? Unless it's
> originating from your network - and you have specifically disallowed such
> usage on your network via contractual agreements between you and the
> customer - why do you care how much spam your customers get? Only as an
> add-on service should an ISP be involved.

Haven't you heard? Spam is a global problem. Many of the means of
dealing with spam involve voluntary cooperation from as many people as
possible to combat the problem. That cooperation entails such things as
outbound port 25 blocks at ISPs.

As for the recipient of the spam. Most ISPs now do a basic level of
inbound spam filtration, just to ease the load on their mail servers,
let alone appease angry customers. Most ISPs also offer a subscription
anti-spam service to those that want it. If you don't want to subscribe
to the anti-spam service, I assure you that there is still tons left
over after the ISP's basic filtering- you'll get all the spam you handle.

> I guess I'm still confused. What issues are you having because of your
> customer's lack of security? Loss of bandwidth? Attacks on your internal
> network? What, exactly, is the result of your customers being bad?

I'll give you some examples in a sec, but first, since we are tossing
quotes around, here's one for you, "An ounce of prevention is worth a
pound of cure". I know that I have to do my part and hope that others
do theirs. As a result the problem will diminish overall.

Here's an example that's not related to Internet access and bandwidth.
In North America (and starting to become a problem in most developed
nations), smoking is becoming a huge problem. Smoking is known to be
linked to many forms of cancer, birth defects, gum disease, many
respiratory diseases, etc, etc. - it's a really long list. Some people
consider smoking to be a personal choice, so lets run with that. My
first argument pertains more to Canada and other countries that have
public medical systems.

When enough people choose to smoke, they are placing an unnecessary
burden on the public medical system, thereby degrading it for everyone else.

You may be one of those militant smokers that feels it is their right to
smoke wherever they please. If you decide you want to smoke in public,
you may be smoking next to someone that is an asthmatic. It's well
known that second hand smoke is just as deadly, if not more so, than the
smoke you pull through your filter - if you and other militant smokers
get their way, non smokers are now suffering the same health problems
that are common amongst smokers. Other people may be enjoying the fresh
air or a good meal and you are denying them that. The effect can even
be as simple as making someone else's clothes stink. No matter how you
look at it, this is more than just your problem - you are involving
other people that may not want to have anything to do with you.

I promised I'd give you an example relating to your use of your Internet
connection. Here's one really good example for you.

Recently a bot found it's way onto a customer's computer. That bot
setup shop and began to send spam... through our not-so-smart smarthost.
The bot was also a worm and it started spewing like crazy trying to
find more hosts - it found some on our network and would have found some
out on the net if I hadn't put egress filters in place on our router a
year or two ago.

I got called into work outside normal hours to track down the bot, our
support people had to call the customer to let them know and they also
turned of the customer's modem until the infection was cleaned out.
They then had to start calling other customers and doing the same.

In the short time that the spam was flowing, our mail server managed to
find it's way onto a couple blacklists. As a result, customers that
didn't get the worm were still being affected because some of their
email bounced due to other mail admins using the blacklists that we
ended up on. This in turn generated support calls.

I then kicked myself for not having implemented rate limiting and really
basic spam filtering on our outbound smtp relay like I had planned to
and set about working out how I was going to do that. It turns out that
it not feasible with our current solution, so this week I'm working on
building a new mail server that will allow me to do the egress filtering
I need to do.

All in all, the fact that there weren't more safe guards in place cost
us time and money and affected a fair number of customers. It has also
pulled me away from other important work and thus I get further behind.

If that doesn't paint a clear enough picture of why you should not be
able to have a wide open un-restricted pipe of your own, let me know and
I'll give you some more examples.

--
Mason
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Next message: Mason Schmitt: "Re: [fw-wiz] The home user problem returns"

Previous message: Brian Loe: "RE: [fw-wiz] The home user problem returns"
Maybe in reply to: mason_at_schmitt.ca: "[fw-wiz] The home user problem returns"
Next in thread: Brian Loe: "RE: [fw-wiz] The home user problem returns"
Reply: Brian Loe: "RE: [fw-wiz] The home user problem returns"
Reply: R. DuFresne: "Re: [fw-wiz] The home user problem returns"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: PLUG: PMAS
... I've just started using that zen.spamhaus.org as well, ... looking at my suggestion for a social solution rather than technical ... My ISP has recently tightened things up, as a couple of months ago the ... If you knew that all of your existing customers ...
(comp.os.vms)
Re: Plusnet - praise where its due
... Is there a way of training your spam filter? ... Maybe by getting customers ... that may indicate that the server has failed. ...
(uk.telecom.broadband)
Re: Spam
... Try BT Yahoo as you can decide what is Spam and what is not. ... BlueYonder and Tesco - now ... NTL is very good at driving customers away, ... can't email friends the company can't hope to get all the friends as new ...
(uk.telecom.broadband)
Re: SFF and MIME
... I have to wonder if spam is really a valid form of advertising though. ... customers and show that the customers will increase sales more than the ... really pays off and only SPAMMERS end up making money? ... And those magic pills may also be another fraud. ...
(comp.os.vms)
Re: [fw-wiz] The home user problem returns
... > smoke wherever they please. ... > Recently a bot found it's way onto a customer's computer. ... > They then had to start calling other customers and doing the same. ... > building a new mail server that will allow me to do the egress filtering ...
(Firewall-Wizards)