Teergrube (was Re: MTA: usage of smart host)
on Wed, Apr 09, 2003 at 09:43:19AM -0500, Jeffrey L. Taylor (jeff@austinblues.dyndns.org) wrote:
> Quoting David Fokkema <fokkema@nat.vu.nl>:
> > Hi group,
> >
> > I have a computer basically running 24/7 on an ADSL connection.
> > Should I use the mail server of my provider as a smart host like
> > windows clients have to do? If so, why can't I send mail directly to
> > the internet? What are the pros and cons?
>
> If your ISP has reliable mail servers, don't bother. Try to check if
> they block incoming port 25, if so, no point. Same for outgoing
> connections to port 25 (this is easier, try "telnet
> mailin-01.mx.aol.com 25"). Check if your Acceptable Use Policy or
> Terms Of Sevice prohibits servers.
>
> Advantages for outgoing mail are slight, one less hop.
Also one less focussed opportunity for traffic analysis (if your threat
model includes this). Your wire would have to be tapped directly, and
this could be overcome (at some cost) via SWAN or VPN connections to
multiple hosts. Not a requirement for all folks, but something to keep
in mind.
> For incoming mail, you can stop spam at the perimeter instead of
> discarding or bouncing it. This may give some satisfaction. If you
> are charged for bandwidth, this can be a slight help.
More attractively, you could set up a teergrube. This is a host that
acts as a tarpit for spammers. With sufficient numbers of teergrubes
running (several thousand would be sufficient), spam mail hosts and
relays would get "stuck" on open channels, and would have effective
delivery greatly reduced. This requires realtime spam detection on
connection by the remote spam host.
Question for the gallery: is there a decent teergrube package available
for Debian? If not, what is the most feasible solution?
Peace.
--
Karsten M. Self <kmself@ix.netcom.com> http://kmself.home.netcom.com/
What Part of "Gestalt" don't you understand?
In 2002, everyone discovered that everyone else is using Linux.
Reply to: