on Mon, Sep 22, 2003 at 02:42:37AM -0500, Ron Johnson (ron.l.johnson@cox.net) wrote:
> On Mon, 2003-09-22 at 00:26, Karsten M. Self wrote:
> > on Sun, Sep 21, 2003 at 12:09:50PM -0400, Bijan Soleymani (bijan@psq.com) wrote:
> > > On Sat, Sep 20, 2003 at 09:19:32AM -0700, Carla Schroder wrote:
> [snip]
> > If Swen is the shape of things to come, it's the end of dial-up POP3
> > mail accounts.
>
> What's going to happen (nay, *is* happening) is that ISPs are starting
> to offer spam & virus filtering.
I've specifically requested this backed by threat of legal action for
perpetrating, assisting, or aiding a DoS on my computer services.
My ISP *does* offer spamfiltering. It's a fucking joke. Specifically,
it's an industrywide joke. The system is largely ineffective, dosn't
provide a viable means of assessing what was or wasn't filtered, to the
best of my knowledge doesn't provide SMTP-time reject messages, and
doesn't provide a viable means of training the systme with false
positives or negatives.
The system was revamped this past year. It is now based on a
challenge-response system. This is as bad as the problem, particularly
in light of spoofed senders (C-R is a DDoS attack technology). See:
http://kmself.home.netcom.com/Rants/challenge-response.html
I've made a specific proposal that effective virus protection be
offered. Partial exerpt:
[Earthlink should offer viral mail filtering] a two-tiered basis:
basic filtering (no executable content) with a concomittent risk of
false positives, of all executable content, free of charge.
Advanced filtering, using a specific virus filtering tool (or
selection of tools), such as major proprietary offerings (Norton,
RAV, McAfee, etc.) or free software tools such as clamav, as a
premium, for-fee service.
Implementation should follow these guidelines:
- The service should be prominantly featured in Earthlink
communications, including bulling notifications, website, and a
possible special subscriber notification mailing. Press
releases and news coverage of the service should also be
encouraged.
- The service should be discretionary. A subscriber should be
able to elect to use, or not use, the service.
- Though I generally don't recommend this for content-blocking
features: the basic service should be enabled by default on new
accounts. It should *not* be retroactively applied to existing
accounts.
- The service should be active at SMTP connect time, and should
return a permanent nondelivery error to the remote SMTP server.
The remote server is responsible for any notification to the
originating sender. The service should *not* generate its own
bounce or nondelivery mail based on headers or envelope sender,
any or all of which may be forged, presenting a Joe-job DDoS
risk.
- The service should provide a regular (weekly or monthly) summary
to the user of blocked mail. For the basic service, this might
be restricted to a count of accepted and rejected mails. For
the premium service (as a revenue generating incentive),
abstract or detail in the form of connecting remote hosts, and
possibly subject line or description of blocked content by type
or risk (e.g.: the W32.FooBar.A@mm virus) could be included.
There's room for a premium service. There is a _requirement_, however,
for a reasonably effective minimum service.
Peace.
--
Karsten M. Self <kmself@ix.netcom.com> http://kmself.home.netcom.com/
What Part of "Gestalt" don't you understand?
Ford had another Pan Galactic Gargle Blaster, the drink which has
been described as the alcoholic equivalent of a mugging - expensive
and bad for the head.
-- HHGTG
Attachment:
signature.asc
Description: Digital signature