METROCAST BLOCKS RESIDENTIAL E-MAIL

Ben Scott dragonhawk at gmail.com
Wed Mar 15 09:58:01 EST 2006 

On 3/13/06, aluminumsulfate at earthlink.net <aluminumsulfate at earthlink.net> wrote:
> There are plenty of technologies available which -- singlehandedly --
> could eliminate the spam problem.  This is a case of *mismanaging*
> stupid people.

  You've found the Final Ultimate Solution To The Spam Problem? 
Quick, head on over to NANAE and tell everybody about it!  There are
tens of thousand operators who would *love* to receive your unique
wisdom.  /SARCASM

>> It is very much an anti-spam measure.  As others have pointed out,
>> the *vast majority* of mail sent from consumer Internet feeds to a
>>  destination of TCP port 25 is spam,
>
> Most email *is* spam, period.  Blocking all email would be guaranteed
> to block all spam, too.

  As has been explained several times, blocking all email has an
unacceptable cost/benefit ratio, while blocking outbound TCP port 25
has an acceptable cost/benefit ratio to the operators who do it. 
There are very few customers who send direct to MX.  You're one of
those rare exceptions.  People like you are considered "collateral
damage" at the level of "acceptable losses" to the ISP.

  It's not fair.  You don't have to like it.  But it is the truth. 
Any number of flawed analogies won't change that.

> But it's definitely a wrong-headed approach.

  Says you.  Others disagree.  (FWIW, I'm on the fence, but my own
opinion doesn't really count for squat here.)

>> Verizon has variously employed outbound TCP 25 blocking and/or SMTP
>> authentication for relay as well.
>
> I have been working on some economic models which suggest that Verizon
> (or any telco provider) would be eager to see Metroca$t (cable INET)
> suffer.

  I don't need an an economic model to tell me that Verizon would like
to see cable companies suffer!  :-)

>> law...".  It doesn't say one damn thing about me or you.  A telco is
>> under no obligation to provide you a particular kind of technical
>> service.
>
> A telco cannot, by law, prohibit me from calling the (615) area code.
> They cannot legally install hardware to listen for and silence me
> every time I want to say "fuck" during the course of a telephone
> conversation.

  My understanding is that the status of an ISP as a common carrier is
legally unclear at this time.  ISPs, of course, try to have it both
way, arguing they are when it suits them, and arguing they aren't when
it doesn't.

  Now, personally, I think ISPs *should* be considered common
carriers, with all the rights and responsibilities thereof.  So, for
the sake of discussion, let's assume ISPs are common carriers.

  In this case, the ISP is not prohibiting *where* you can "call", or
*what* you say.  So both of your analogies there are imperfect.  I
have yet to see a telephone analogy that covers this situation well. 
But, as long as we're tossing out imperfect analogies:  Any equipment
you attach to the PSTN must comply with FCC Part 68 rules.  You cannot
do whatever you like with the PSTN.  So there are rules about *how*
one uses a common carrier.  Again, this analogy is also flawed.  The
PSTN is pretty dumb from a user standpoint, so there's nothing like a
port number to worry about in the first place.

  Moving past analogies, common carriers *do* have an obligation to
protect the network from abuse.  They believe they're doing just that,
and from a numbers standpoint, they've got a point.

>> Tin-foil hat people, please note that they can monitor/log/whatever
>> your email using a packet sniffer just as easily as using an SMTP
>> host, so that argument is bogus.
>
> This is simply not true.  It is much easier to snoop email handled at
> the application layer than at the transport layer.

  Well, from an implementation-agnostic point-of-view, it isn't,
really.  In fact, in that implementationless fantasy world, it would
be better to sniff then build an SMTP relay and deal with the
implementation and support costs of that.

  Of course, in practice, with most people already being unable to do
anything *but* relay through their ISP, it's going to be easier to
graft something on to that implementation.  Even if it's a passive
sniffer, you only have to put the sniffer in one spot, that way.

  But ultimately, cleartext email is cleartext, and that's pretty much
"game over" right there.

> So doing this forces me to send *all* email unencrypted over its *entire*
> route (MUA -> "smart"host -> MX).

  Hmmm.  You've got a point, there.  Forcing relay through the ISP
does defeat opportunistic use of SMTP TLS.

  I'm curious; does anyone have any statistics on how many MXes
support this in practice?

> Well, first of all, I never received or agreed to any ToS.

  *rolls eyes*  The fact that you ignored their ToS (just like
everyone else (including me when I signed up for my Comcast feed))
doesn't mean they don't apply.

> But, just as sure as I'm sitting here typing, Metroca$t *agreed* to provide
> "Internet service".  What I'm questioning is whether or not the legal
> definition of Internet service includes email.

  First, they're still allowing "email", just not a particular way
doing of email.  Again, you don't have to like that, but it's the
truth.

  Second, you just said they didn't give you any ToS.  Saying they
agreed to provide Internet service would be a term of service.  So
which is it?

  Third, to the best of my knowledge, there is no legal definition for
"Internet service", and asking for one is, IMO, a bad move.  While I'm
not a laissez-faire idealist, I do feel that in general, we're better
off without having a law for every aspect of life.

> I don't think Metroca$t's lawyers would know a server from the holes
> in their asses.  Most modern computer systems *are* collections of
> servers.

  Again, in this context, "running a server" is understood to mean
hosting some kind of service that others make use of, not "listening
on a socket".  All your ranting about your X server, sound server,
etc., is just a giant pile of red herring.

  You're probably also better off *not* assuming these decisions stem
from stupidity.  There's a lot of people with a lot more experience
operating networks then either you or I have who agree with this
reasoning.  Nobody has to agree with them

>> Of course, cable companies *are not* a free market, since they've
>> been granted a monopoly by the local government in the local area.  I
>> suggest that the solution *there* is to fix the root cause (granting
>> overly broad monopoly power), not bitch about how lousy the resulting
>> monopoly is.
>
> One strategy I'm working on to fight Metroca$t will involve uprooting
> this monopoly.  Stay tuned.

  I honestly think competition is the best approach, here.  It lets
the unwashed masses of the Internet continue to use their Big Blue E,
while letting more sophisticated users such as yourself (and, likely,
me) get something more then the Wal-Mart of Internet service.

-- Ben

More information about the gnhlug-discuss mailing list