Re: VOLKER--Re: Kids bypassing firewall via web proxy sites

On 20 Mar 2006, in the Usenet newsgroup comp.security.firewalls, in article
<486cdfFifhd0U1@individual.net>, Ansgar -59cobalt- Wiechers wrote:

>Moe Trin wrote:

>> 1036 Standard for interchange of USENET messages. M.R. Horton, R.
>> Adams. December 1987. (Format: TXT=46891 bytes) (Obsoletes RFC0850)
>> (Status: UNKNOWN)
>>
>> Why don't you read RFC2036 then?

>In case you failed to notice: THIS IS USENET, so please re-read section
>2.1.1 of RFC 1036

My fault - fumble-finger. Read RFC2026

>Ummmm. So, which part of that section did you fail to understand? The
>fact that this applies to relays (which in the case discussed here are
>run by clueless morons who won't bother to implement sensible
>filtering)?

  "It is a well-established principle that an SMTP server may refuse to
   accept mail for any operational or technical reason that makes sense
   to the site providing the server."

Maybe there is something you don't understand. Can you point out the
word "relay in that sentence? Can you point to the word in the _title_
of that section? Can you cite ANY RFC that _requires_ my network to
accept _packets_ from everyone - never mind mail?

>Or are you suggesting that one should filter (perfectly valid) NDNs?
>You gotta be kidding me.

Valid NDNs? No - and I see less than one of those a month because our
users rarely have reason to talk to incompetent domains.

>Good for you. However, some of us can't do that as easily without
>violating local laws. Blacklisting is a *very* two-edged sword.

Actually, the federal laws here do protect the rights to filter, and the
legal mind-set encourages it. While some have pointed to figures saying
that spam is approaching 90% of the SMTP traffic in the world, it's
even greater for us because we don't use a lot of Internet email - it
doesn't fit into the scope of business. Internal mail is another story,
but we have ways of controlling problems there.

        Old guy
Received on Mon May 1 01:00:19 2006