
BLU Discuss list archive



Routing all mail through comcast



On Wed, Oct 22, 2003 at 07:33:15PM -0400, Clint M. Sand wrote:
> Now, I'm all for a good healthy hatred for big brother, but do you
> really think this makes it easier or harder for them to read your mail?

Derek Martin replied:
> Unquestionably.  Mail that goes through their server is much easier
> to copy/track, etc. than mail that does not.  Comcast makes the assumption
> that you WILL use their servers, so they may be doing nothing to track
> mail not sent through them.

Derek's correct on this one.  It takes a fair amount of extra hardware and
engineering labor to put a tap on SMTP port 25 for a specific broadband user
among thousands of customers.  And it has to be done ahead of time; traffic is
not logged for later replay.

But if you send mail through an ISP's SMTP server, by default some amount of
logging is enabled all of the time.  (Depending on configuration; at least
sendmail defaults to syslogging each message's To/From addresses.)  To the
extent that logging is enabled, a court subpoena can force the ISP to retrieve
a list of correspondents and any other information in its logs.

As I noted in my July posting, which I will repeat below, you don't have to
hate Big Brother to hate using an ISP's mail server.  The main point I should
repeat here is that SMTP is designed from the ground up as a DISTRIBUTED
system.  If you try to CENTRALIZE it, you run into unnecessary scaling and
reliability problems.

As for what alternatives to use:  well, do as I do.  I have about 4 lines in
my mailertable.  Mail goes point-to-point from my system to the receiver's
system except for the few cases I've found that require relay hosting.  If you
have a situation which doesn't allow you to do that, switch to an ISP which
allows it, or at the very least find (or subscribe to) an alternative mail
relay service.  If you ever find yourself the target of a subpoena (hint:  I
*have*, for reasons having to do with nothing subversive at all, just this
year, in a US District Court), your ISP is the very first target the lawyers
will identify.  Find a mail server outside your ISP.

That court case reminds me to spell out something here.  You can find yourself
the target of a legal witch-hunt with the following characteristics:

1) Action will be brought by a corporation, not Big Brother
2) The corporation will be after someone else; you will have had nothing to do
with it and probably no advance warning
3) A subpoena can be issued (thanks to the DMCA) without a judge's signature
4) You will need to hire your own attorney to quash the subpoena
5) You could face a 5-figure bill
6) You are, of course, guilty of nothing--but poorer

So I might reference John Ashcroft liberally in my criticism of the direction
of our political system.  But the real enemy is the Fortune 500 and their
platoons of lawyers who lobby for laws that allow them to pursue mindless
litigation.

Personally, I sleep better at night knowing that my ISP Comcast does not have
the tools to keep track of anything I do, and no logs other than my IP address
to send in the event they receive a court subpoena from some bozo.

And no, I don't hold secret meetings of skinheads, communists or suicide
bombers in my basement.  I do have tile-laying materials there, if the FBI
wants to be shown around.  ;-)

-rich

Date: Thu, 24 Jul 2003 15:54:58 -0400 (EDT)
From: Rich Braun  richb at pioneer.ci.net

Derek Martin wrote:
> measures like this one, while well-intentioned, will only serve to
> irritate some segment of the legitimate user community who are not
> content to use the Internet as they would a TV, but will do very little
> to prevent spam.  Real spammers will not be hindered by such measures...

Absolutely right on the money.

Robert L Krawitz <rlk at alum.mit.edu> wrote:
> (In my own experience when I've done system administration, I've
> always found it a lot easier to use a central smart relay anyway.)

There are a number of reasons *not* to want to use someone else's smart relay:

- You are adding at least one more point of failure
- The mail will often take longer to get through, and delivery won't be as
predictable
- Big beefy mail servers are less scalable (and require more sysadmin effort/
upgrades to maintain stability as traffic increases) than simply letting each
user's computer do the work
- It can be tapped or logged more easily by crackers or snoopy government
officials
- Delivery rules will likely change unpredictably over time, causing messages
to get munged, truncated, tagged as spam, or otherwise mutilated
- If implemented on a large scale, centralization could lead to increasing
costs to consumers

I do *not* support any attempt to centralize the decentralized architecture of
peer-to-peer network applications, most *especially* SMTP.

As a method of combatting spam, "smart" relays are a non-starter; in fact I'd
call them "stupid".  I like having my very own SMTP server, thank y'all very
much.

There are better ideas out there.

Besides, since when did the Linux user community look to the likes of AOL for
engineering improvements to our collective Internet experience?  ;-)

-rich
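
[Added example, not part of the original post.]  The message above notes that
sendmail syslogs each message's To/From addresses by default.  The Python
sketch below shows how much a relay operator's logs therefore hold: it joins
the from= and to= lines by queue ID into sender/recipient records.  The log
lines, hostnames and addresses are constructed samples in sendmail's usual
syslog layout.

```python
import re

# Constructed sample in sendmail's usual syslog layout (not real traffic).
SAMPLE_LOG = """\
Oct 22 19:33:14 relay sendmail[2101]: NOQUEUE: connect from cust-1.example.net [192.0.2.10]
Oct 22 19:33:15 relay sendmail[2101]: h9MNXFa02101: from=<alice@example.com>, size=1822, class=0, nrcpts=2, msgid=<1@example.com>, proto=ESMTP, daemon=MTA, relay=cust-1.example.net [192.0.2.10]
Oct 22 19:33:16 relay sendmail[2103]: h9MNXFa02101: to=<bob@example.org>,<carol@example.org>, delay=00:00:01, xdelay=00:00:01, mailer=esmtp, pri=61822, relay=mx.example.org. [198.51.100.5], dsn=2.0.0, stat=Sent (ok)
Oct 22 19:40:02 relay sendmail[2110]: h9MNe1b02110: from=<dave@example.net>, size=904, class=0, nrcpts=1, msgid=<2@example.net>, proto=ESMTP, daemon=MTA, relay=cust-2.example.net [192.0.2.77]
Oct 22 19:40:33 relay sendmail[2112]: h9MNe1b02110: to=<erin@example.com>, delay=00:00:31, xdelay=00:00:30, mailer=esmtp, pri=30904, relay=mx.example.com., dsn=4.0.0, stat=Deferred: Connection timed out with mx.example.com.
"""

# timestamp, host, sendmail[pid], queue id, then a from= or to= record
LINE = re.compile(
    r"^(\w{3}\s+\d+ [\d:]+) \S+ sendmail\[\d+\]: (\w+): (from|to)=(.*)$")


def _field(rest, name):
    """Return one key=value field from the comma-separated remainder."""
    m = re.search(r"(?:^|, )" + name + r"=([^,]*)", rest)
    return m.group(1).strip() if m else None


def correspondents(log_text):
    """Return (time, sender, recipient, client, status) per delivery attempt."""
    senders = {}   # queue id -> (envelope sender, submitting client)
    records = []
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue                      # connection notices etc. carry no addresses
        when, qid, kind, rest = m.groups()
        if kind == "from":
            addr = rest.split(",", 1)[0].strip("<>")
            senders[qid] = (addr, _field(rest, "relay"))
            continue
        # to= lists recipients joined by bare commas, ended by ", delay=..."
        addrs, _, tail = rest.partition(", ")
        sender, client = senders.get(qid, (None, None))
        status = tail.partition("stat=")[2]   # stat= is last and may contain commas
        for rcpt in addrs.split(","):
            records.append((when, sender, rcpt.strip("<>"), client, status))
    return records


if __name__ == "__main__":
    for rec in correspondents(SAMPLE_LOG):
        print(" | ".join(str(f) for f in rec))
```

Each record ties a customer IP address to a sender, a recipient and a
timestamp, with no message content needed.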



