Re: [exim] automatically blacklisting clients that fail SMTP…

Top Pagina
Delete this message
Reply to this message
Auteur: W B Hacker
Datum:  
Aan: exim-users
Onderwerp: Re: [exim] automatically blacklisting clients that fail SMTPauthentication
Mikhail Lischuk wrote:
>
>
> On Fri, 10 Jun 2011 09:23:25 +0000, W B Hacker wrote:
>

*snip*

> quotting, I hate long quotting) and your words that ISP can identify
> client. Once in my practice I've met an ISP who blocked their client,
> and when he contacted call-center he was told "Your account was
> suspended, because your computer is heavily infected. Please clean it
> up, send us a list of viruses you've identified there, and we will renew
> your account". That was kind of interesting and new approach for me.
>
>
> IDK however if it is completely legal. But if they stated that somehow
> in their agreement then I think there must not be any problems. I wish
> all our ISPs acted like that.
>


I once did a survey by DLD'ing the ToS from a goodly number of the many
ISP AND DataCentre/backbone providers who post their ToS on public
websites - not all of them in English.

It actually IS in more ToS than not. Surprisingly similar across
providers and even diverse countries...

..and not just because a given ISP wants to be a 'good guy', nor because
their upstream, and so on all the way up to the top of the pyramid have
similar terms....

... in most parts of the world, allowing malicious traffic can expose
the ISP to costly legal action, criminal, civil, or both.


May seem like a stretch w/r responsibility, but 'fairness' doesn't often
enter the environment.

The 'powers that be' could often care less about the technology, make
little attempt to understand its limitations, and all too easily hammer
anyone within their easy reach as less-effort than tracking down the
real perps.

So .. if your MTA/network becomes the target of a major financial house,
big corporation, or Government Agency as even *suspected* of being
complicit in onpassing malware or phishing that they claim damaged them,
the cost of compliance and/or defense can break your back - even if you
eventually prevail in court.

'Best Current Practice' and stiff ToS terms may not be enough to avoid
that entirely, but it certainly helps reduce the probability AND limits
or onpasses the damages.

But ask your own lawyer. Jurisdictions differ greatly, not all arms are
equally long... public opinion, politics.. etc.

Regards,

Bill
--
韓家標