Hacker News new | ask | show | jobs
by vel0city 901 days ago
> Give most servers "Internet*" access where some ports are missing?

Disallow SMTP traffic unless an account has a certain reputation or verified identity related to it?

I mean, they don't have to do that, and I would agree the government shouldn't force it to happen. But if someone is constantly causing you problems you shouldn't be required to deal with their shit. If you don't want to behave, expect consequences from everyone else in society.

If every time my friends invited me over I brought over another random person that smears feces all over the walls and pees in the corner I probably won't get invited over very often. Linode (and other cheap VPS hosts) are that person constantly enabling abusive people and subjecting them to others.
1 comments
Dylan16807 901 days ago
Personally inviting someone to your party? Surely the analogy to linode is something like an apartment building owner. You wouldn't ban your established friend just because you keep having problems with nearby tenants.
link
sheikheddy 900 days ago
Oh man I think around 2 years ago there was a 3x spike in Europe outbound spam and the fraud team had to disable like 200k+ tenants from some shady cloud VPS. We didn’t have a long term plan for the abuse back then besides playing whack-a-mole, and if we have one now, I haven’t heard of it.

Dumb question, but wtf is the solution even? I’m confused about what you expect us to do. I haven’t thought about the problem much so I might be missing some obvious Pareto improvement.

link
Dylan16807 900 days ago
Did I accidentally give the impression I have a particularly good solution to spam in mind? I don't.

My main suggestion here is just that an established reputation for a specific IP/domain should override the reputation of the IP block it's inside of.

link
sheikheddy 900 days ago
You didn’t make any mistakes encoding, I just screwed up my decoding, it happens :D

Thanks for clarifying, ok, hmm… that seems hard to do if you can check the IP block by using a subnet mask but the specific IP isn’t resolved until later in mailflow. It might not actually work like that in… ProtocolFilterHub? I always get this mixed up, wait… I think this might be something that we are already working on. And have been working on for a while, wow. Looks hairy. It’s stuck since the guy working on it transferred to another team, and no one picked it up, but some PM noticed before I did and put it up for vote in semester planning. Always creepy to see engineers get referred to as “resources”.

link