If you want to continue serving your _real_ users while giving the slashdot crowd as much fun as you've got leftover horsepower to handle, and you're planning for this sort of thing in advance, it may help to trick your system into serving the slashdot crowd from one server and the regulars from a different one. Some obvious implementations:
Use the HTTP REFERER to direct/.ers to the second machine.
Use a friendly low-graphics front page that asks/.ers to click a link that goes to the second machine.
Modify your DNS so that people you recognize go to the primary machine and unrecognized people go to the second machine. If you're a university, most of your regular users are probably from.edu or.gov sites. If you're doing this anyway, you can also check DNS lookups to see if they come from open relays or spamblocked sites and send them to your _very_ _slow_ _smtp_ teergrube machine.
ECN's a reasonable thing to want a router to do, if you've got the CPU horsepower for it, as is not breaking Path MTU discovery.
VPNs don't matter - they take more horsepower than the average Cisco 2500, and any Linux box running FreeSWAN will give you more control.
DSCP may be interesting if you're running it internally and your ISP supports it, but that's not too common, and ISPs that support CoS features often want to run the router for you.
IPv6 is not widely supported by ISPs - it's mostly done by tunnelling to a tunnel broker. If you need that, you can use a PC as your tunnel server.
Security patches - yes, you should pay attention to those, and see if there's anything critical that doesn't have a workaround.
The point that the poster was trying to make was that if Alice sells Bob a Cisco, Cisco won't give Bob a license for the built-in software without a lot of money, because Alice was the original owner, even though Alice is no longer using it.
However, if Alice leases Bob the Cisco, Alice is still the owner, they've just got the box at Bob's premises, and if the box needs a maintenance contract, Bob can pay Alice the cost of the contract. That doesn't mean that Alice is still administering the box - that's Bob's problem, and Alice hopefully has the sense to change the enable password before telling it to Bob, and Bob hopefully has the sense to also change it, just as both of them would in a regular sale.
The problem with this is that it's fine if Alice is a financially stable company that's just getting rid of the old routers to buy new ones - it's not a practical solution if Alice is selling off the assets of her dead dotcom, including the routers and the furniture. Sometimes you can work around this by having Alice sell the company along with the equipment, but that's usually only useful if there's just one piece of equipment to sell, and if the "company" can be sold without the debts, risks of lawsuits, etc., which usually requires far too much legal work to bother with on a $400 or even $4000 router.
Routers don't become outdated the way that PCs do. A 5-year-old Cisco 2500 won't do as many things as a new 26xx, and won't have enough memory to run some of the newer operating systems releases, but if all you're doing is connecting your LAN to an ISP T1 connection and some dial backup, it's just fine.
This isn't like Gamer PCs, where you _need_ a 4.77 GHz machine to keep up, or a Microsoft Office machine, where MS keeps making Office bigger and using the newer features of Windows, so you need to upgrade Windows, but you can't upgrade to Windows 2006 without upgrading to at least a 2GHz machine with 6.40GB of RAM. This is much more like the 486 Linux machine sitting in the corner acting as a DNS and DHCP server, or the Pentium 133 you're using as an X terminal.
But there are two popular reasons to sell a used router. One is that you're upgrading to a bigger router, and as you say, everyone wins including the router vendor. The other reason is that your dot-com died (or was bought by somebody who already had enough bandwidth in their offices) and you're selling the routers, the PCs, the chairs, the cubicle walls, and the t-shirts, and nobody's buying any new router except your happy E-Bay customer, and the router vendor loses a sale they might have gotten.
Sure, access points don't just pop up, and if they've been secured, they'll probably stay secure. And desktop computers are relatively stable. But people get new laptops all the time, and add WiFi cards to existing laptops (especially when they're adding wifi to their home networks), and laptops get their settings messed up all the time.
Of course I see the spam problem, and have a spam problem. You're focusing on a small side piece of the technical problem (how many bits of spam your ISP transmits compared to bits of useful email), without the context of how many bits of web traffic (I get far more bits of Slashdot alone than I do spam), or the _real_ cost of the spam, which is the attention span used by the [expletive deleted] spammers.
People will send you penis enlarger ads whether you want it or not. The issue is _where_ your mail gets filtered, and how much control you have over the filtration as opposed to how much control you delegate to your ISP, and how much filtration you have done at your ISP's end of the wire vs. your mail client's end of the wire.
In your case, it sounds like you strongly need to get some Bayesian filters or other filtration system to help you find real mail. (Do you really mean that only 1 in 200 messages you get is non-spam, with 95% discarded by filters and 4.5% deleted by subject line and only 0.5% of the mail is really for you??) And if that's really true, what fraction of the mail that's really for you is really useful, and can filters help you sort that?
There's a substantial business in telemarketers selling investment scams, which especially tends to be successful with older widows who didn't handle the finances while their husbands were alive. It's really, really sleazy. There's also a lot of telemarketing for home repair scams, where people get taken for shoddy work at high prices.
The sleaziest, most evil group I've gotten telemarketer calls from was the California Narcotics Officers' Association, a "charity" which provides "training" for drug war thugs. One of the more evil things they've done has been to lobby against medical marijuana, because the suffering of cancer patients is *much less* important to them than the risk to political correctness that would happen if sick people could use dope as medicine - why the next thing you know, penalties for possession of a drug that's much much safer than alcohol or tobacco might be reduced, or the public would have less respect for these officers when they're routinely violating peoples' civil rights with illegal searches or planting dope on people to bust them. Sorry, but I'd rather get a call from a Herbal Fake Viagra peddler.
If you're in the US, and you're not on a wired connection, and you're within local calling distance of a POP (i.e. almost every US internet user), download time doesn't cost you money - you're still paying $20/month, and the email download volume is a lot less than your web surfing volume. So change your downloading habits (which may require getting a better email program.)
Before I got DSL, I would get up in the morning, dial in to my work email account, start it downloading the couple megabytes of Powerpoint technical training messages or happy corporate fluff from our marketing department, start the coffee pot brewing, and go take a shower. By the time I was out of the shower, the mail would be there, and yes, spam sucks, but it's lower volume than the bloatware that I really _did_ want to receive, and there'd be COFFEE!
Now that it's a year later, yes, the spam level on my personal email account has grown, but it's still less than my routine work email. (More importantly, I've got an ISP that provides Unix shell accounts and I'm running Procmail to trash 80% of the mail that the ISP's SpamAssassin has flagged as probably spam, and downloading the other 20% to my PC, which drops 98% of the suspected spam into the trash folder where it's nicely sorted and I can validate that it's almost all spam.)
So download mail while you're eating, or watching TV, or doing something you enjoy, and don't sit there waiting for it. Or read Slashdot while you're waiting for the mail to download.
Anonymity is critically important for whistleblowing, serious discussions of sexual abuse, and similar things. Look at the recent British government official who leaked the fact that the government knew the Nigerian Uranium Sale to Iraq report was bogus, got outed, and was found to have "committed suicide" a few days later. It's an important civil right - and in the US there are even Supreme Court cases backing it up.
If you make anti-spamming laws too strict, spammers will just set up lots of $50 Caribbean corporations, have the corporation buy a $25/month ISP account, rent a $50/month mailbox, send out 32 million spams, buy some "Internet Consulting Service" or "Mailing and Packaging Service" or "List of 32 Million Email Addresses" from a sleazy-looking guy (or from another $50 corporation) for about the price of 6000 bottles of Herbal Penis Enlarger pills, and by the time anybody tracks them down, they've probably vanished, and if they haven't vanished, you can sue them for the $150 that's left in their bank account that they haven't had time to launder yet.
Punishment by large fines? Doesn't help, for the above reason. The big operators will find ways to avoid prosecutability, and you'll only catch a few clumsy suckers, but meanwhile the medium-sized spammers will sell better spamming kits to the anklebiters (using get-rich-quick spam to do their marketing.)
Basically, to pry spammers loose from the internet, you need a big iron crowbar and a list of addresses of spammers who still have kneecaps.
Alternatively, you've got to find technical or social methods to change the economics - if you can increase the cost of finding a sucker by 3-6 orders of magniture, you can make the spamming uneconomical, and it'll gradually go away. That's the place to focus any SMTP replacements, whether you like hashcash or unique per-message addresses from per-user subdomains or teergrubes and spiderbait or whatever.
Oliver Wendell Holmes later said he regretted using the "Shouting fire in a theater" line, because of the amount of suppression of speech it was used to justify.
However, that's not really what's happening here - spammers aren't endangering anybody's life by doing it except perhaps their own. It's a lot more like shouting "BIG SALE ON VIAGRA!!" in a crowded theater, which really annoys all the other people who are there to watch a movie. And it's like shouting it from somewhere in the dark in the back of the theater where nobody's near enough to whack you for it.
Yeah, they've got a nice deal. Their network is probably underconnected, so you may not get your whole 100 Mbps very often, but they're charging roughly the price other ISPs charge for a T1, and you'll probably get at least 1.5% of that 100 Mbps all the time and occasionally a lot more. Other ISPs' prices may have gone down a bit, but the closest other game in town is DSL service for ~$50-100 for a 1.5Mbps/384kbps connection or some of the SDSL stuff. If you're running a website, this is probably ok (at least as a backup), and if you're looking for an office internet feed, it's probably a good deal.
Why would the customer complain? They're getting their services from the casino. And Credit card companies will let you charge money at on-land casinos.... Also, at least one of the casinos operating from Sealand is gold-based - if you use a credit card, it's to buy gold, and then you can gamble with the gold or get it shipped to you.
Sure, it's definitely cool to cross the Atlantic - you've basically got one shot, win or lose. But I'd think they'd first try to get it across North America on land, so if something goes wrong they can get some information out of it rather than just knowing roughly where it sank in the ocean.
A metric ton of coke is a million grams. Back in 1990, if you can believe Bush Administration propaganda, the retail street price for coke was about $30-40/gram. That's $30-40 million of coke per airplane, or $10 million if the Feds' price was too high for this stage in the food chain. If the airplane costs $500K, it's small change. The wholesale price was less than 10% of that, and the airplane is still small change. If one airplane out of 5 gets through, you win. If one in 10 gets through, you still break even. If you use pilotless airplanes, the person who collects them in Florida can take the coke, refill them with gas, and send them home via some relay point.
Piloted airplanes had a much higher than 10% success rate, especially since they could fly 10 feet over the water which is below radar altitude, and there were enough guys willing to risk a couple years in jail in order to make a couple million dollars that the cartels could simply do auctions on cocaine delivered to Florida or South Carolina, and could write off the airplanes after they got to the US.
It was an amazing, amazing economic time, with far more leverage than the high-tech business ever had, simply because the stupid US drug laws created market conditions with a 1000% profit margin, unlimited-demand unsaturated market, ready supply (suppliers were also making a few thousand percent profit margin), small quantity of material to move, and a one-shot deal could get you all the disco and babes you wanted to retire on as long as you weren't stupid enough to sample the merchandise or greedy enough to try to rip off your business partners. (And if you didn't think you'd made enough on one trip, it was still pretty safe and undetectable to make a second one, at which point you've made as much extra money as you'd have gotten by ripping off your partners, and nobody goes after you with a chainsaw.)
You could find a place which is unclaimed and _almost_ above water and do some construction work to make it at least a foot above high tide or whatever the official standards are for being _dirt_, which you can therefore get recognized as a country. A group of libertarians did this back in the 1970s with the Minerva Shoals, about 250 miles from Fiji and 400 from Tonga. Six months later the King of Tonga invaded and stole their country. I think they were still really living in boats at the time, eating a lot of fish.
Lack of IP laws provided one potential market - there'd been pirate radio running off Sealand in the 70s, why not pirate music and movies today? But the real source of potential revenue isn't selling expensive access to free content, it's gambling, running Internet casinos from a jurisdiction that doesn't have gambling laws and doesn't have treaties with the US allowing the US to shut them down, and doesn't have treaties with the UK allowing the UK to tax them. The Havenco folks had experience with that business in the Caribbean, but Caribbean telecom infrastructure really sucks, whereas once you've built a short connection to shore, the UK and (a bit farther away) NL have all the connectivity you could want.
Apparently, "Let Prince Michael Administer The Equipment" is almost as effective as cutting the cables, and takes longer to repair....
There are several problems with the RIAA launching cyber-attacks on Havenco. One is that back when Ryan was in charge, he was technically competent, so it's not very effective. Another is that it's not necessarily legal for RIAA, operating from the US or UK, to launch a cracker attack on a foreign target, especially because the attack necessarily affects Havenco's feeds from their UK and NL ISPs. It's less illegal for Havenco to crack back, though it would probably be suicidal, since their ISPs could decide that that was a good reason to cut them off for violating terms of service.
No, no, you've got it all wrong. It would be warfare against someone who may be a foreign prince but is also a British subject, and that's just not cricket, and might be actionable in one of the EU or international courts.
The way to get rid of Sealand is by *accident*. "Ooops, that barge of barrels of petrol slipped off our tugboat in the storm and it's headed right for you and we just *can't* control it. Terribly sorry..."
A fairly common practice when big companies are buying business-critical software from other companies is to do "Source Code Escrow". Basically, some lawyer keeps copies in a safe, and if the author company goes bust or stops selling the product, the customer company gets access to the source code, and maybe gets some ownership rights to it (depending on how custom-built it is.)
That doesn't usually determine who has the right to sell and distribute the code (usually that either gets owned by whoever buys the remains of the company or else gets sold along with the chairs and espresso machine or whatever), but it at least protects the customer against being dependent on abandonware, and the escrow agreements can clarify that the customer has access to it for N years under whatever conditions.
That's why there are email relays
on
Replacing SMTP?
·
· Score: 1
It's not the only reason, but one of the main reasons that most Unix email programs did relaying was the need to connect between different kinds of email systems - if your machine wasn't smart enough to reach BITNET:user%foo@berknet , you'd send it to somebody smarter or better connected or likely to be closer in a protocol-hop way to the recipient, and they'd try to deliver it. Since everybody was friendly back then, there wasn't a major abuse problem, and email systems that were expensive (like Fidonet) didn't relay for unregistered people, unless they were sponging resources off of large companies (like several Bell Labs uucp relays ihnp4 and allegra, for whom it was mostly funny-money.)
However, if Alice leases Bob the Cisco, Alice is still the owner, they've just got the box at Bob's premises, and if the box needs a maintenance contract, Bob can pay Alice the cost of the contract. That doesn't mean that Alice is still administering the box - that's Bob's problem, and Alice hopefully has the sense to change the enable password before telling it to Bob, and Bob hopefully has the sense to also change it, just as both of them would in a regular sale.
The problem with this is that it's fine if Alice is a financially stable company that's just getting rid of the old routers to buy new ones - it's not a practical solution if Alice is selling off the assets of her dead dotcom, including the routers and the furniture. Sometimes you can work around this by having Alice sell the company along with the equipment, but that's usually only useful if there's just one piece of equipment to sell, and if the "company" can be sold without the debts, risks of lawsuits, etc., which usually requires far too much legal work to bother with on a $400 or even $4000 router.
This isn't like Gamer PCs, where you _need_ a 4.77 GHz machine to keep up, or a Microsoft Office machine, where MS keeps making Office bigger and using the newer features of Windows, so you need to upgrade Windows, but you can't upgrade to Windows 2006 without upgrading to at least a 2GHz machine with 6.40GB of RAM. This is much more like the 486 Linux machine sitting in the corner acting as a DNS and DHCP server, or the Pentium 133 you're using as an X terminal.
But there are two popular reasons to sell a used router. One is that you're upgrading to a bigger router, and as you say, everyone wins including the router vendor. The other reason is that your dot-com died (or was bought by somebody who already had enough bandwidth in their offices) and you're selling the routers, the PCs, the chairs, the cubicle walls, and the t-shirts, and nobody's buying any new router except your happy E-Bay customer, and the router vendor loses a sale they might have gotten.
Sure, access points don't just pop up, and if they've been secured, they'll probably stay secure. And desktop computers are relatively stable. But people get new laptops all the time, and add WiFi cards to existing laptops (especially when they're adding wifi to their home networks), and laptops get their settings messed up all the time.
Oh, wait, before Microsoft became the Evil Empire, IBM used to have that job. Now they've passed it on to SCO...
"I feel a disturbance in the carrier" said PDP-1 Kenobe
Hit it!
/proc is really a Plan 9 From Bell Labs thing, though Linux quite reasonably picked it up.
People will send you penis enlarger ads whether you want it or not. The issue is _where_ your mail gets filtered, and how much control you have over the filtration as opposed to how much control you delegate to your ISP, and how much filtration you have done at your ISP's end of the wire vs. your mail client's end of the wire.
In your case, it sounds like you strongly need to get some Bayesian filters or other filtration system to help you find real mail. (Do you really mean that only 1 in 200 messages you get is non-spam, with 95% discarded by filters and 4.5% deleted by subject line and only 0.5% of the mail is really for you??) And if that's really true, what fraction of the mail that's really for you is really useful, and can filters help you sort that?
The sleaziest, most evil group I've gotten telemarketer calls from was the California Narcotics Officers' Association, a "charity" which provides "training" for drug war thugs. One of the more evil things they've done has been to lobby against medical marijuana, because the suffering of cancer patients is *much less* important to them than the risk to political correctness that would happen if sick people could use dope as medicine - why the next thing you know, penalties for possession of a drug that's much much safer than alcohol or tobacco might be reduced, or the public would have less respect for these officers when they're routinely violating peoples' civil rights with illegal searches or planting dope on people to bust them. Sorry, but I'd rather get a call from a Herbal Fake Viagra peddler.
Before I got DSL, I would get up in the morning, dial in to my work email account, start it downloading the couple megabytes of Powerpoint technical training messages or happy corporate fluff from our marketing department, start the coffee pot brewing, and go take a shower. By the time I was out of the shower, the mail would be there, and yes, spam sucks, but it's lower volume than the bloatware that I really _did_ want to receive, and there'd be COFFEE!
Now that it's a year later, yes, the spam level on my personal email account has grown, but it's still less than my routine work email. (More importantly, I've got an ISP that provides Unix shell accounts and I'm running Procmail to trash 80% of the mail that the ISP's SpamAssassin has flagged as probably spam, and downloading the other 20% to my PC, which drops 98% of the suspected spam into the trash folder where it's nicely sorted and I can validate that it's almost all spam.)
So download mail while you're eating, or watching TV, or doing something you enjoy, and don't sit there waiting for it. Or read Slashdot while you're waiting for the mail to download.
However, that's not really what's happening here - spammers aren't endangering anybody's life by doing it except perhaps their own. It's a lot more like shouting "BIG SALE ON VIAGRA!!" in a crowded theater, which really annoys all the other people who are there to watch a movie. And it's like shouting it from somewhere in the dark in the back of the theater where nobody's near enough to whack you for it.
Yeah, they've got a nice deal. Their network is probably underconnected, so you may not get your whole 100 Mbps very often, but they're charging roughly the price other ISPs charge for a T1, and you'll probably get at least 1.5% of that 100 Mbps all the time and occasionally a lot more. Other ISPs' prices may have gone down a bit, but the closest other game in town is DSL service for ~$50-100 for a 1.5Mbps/384kbps connection or some of the SDSL stuff. If you're running a website, this is probably ok (at least as a backup), and if you're looking for an office internet feed, it's probably a good deal.
Why would the customer complain? They're getting their services from the casino. And Credit card companies will let you charge money at on-land casinos.... Also, at least one of the casinos operating from Sealand is gold-based - if you use a credit card, it's to buy gold, and then you can gamble with the gold or get it shipped to you.
Hey, it sounds faster than avian carriers, though perhaps less reliable....
Sure, it's definitely cool to cross the Atlantic - you've basically got one shot, win or lose. But I'd think they'd first try to get it across North America on land, so if something goes wrong they can get some information out of it rather than just knowing roughly where it sank in the ocean.
Piloted airplanes had a much higher than 10% success rate, especially since they could fly 10 feet over the water which is below radar altitude, and there were enough guys willing to risk a couple years in jail in order to make a couple million dollars that the cartels could simply do auctions on cocaine delivered to Florida or South Carolina, and could write off the airplanes after they got to the US.
It was an amazing, amazing economic time, with far more leverage than the high-tech business ever had, simply because the stupid US drug laws created market conditions with a 1000% profit margin, unlimited-demand unsaturated market, ready supply (suppliers were also making a few thousand percent profit margin), small quantity of material to move, and a one-shot deal could get you all the disco and babes you wanted to retire on as long as you weren't stupid enough to sample the merchandise or greedy enough to try to rip off your business partners. (And if you didn't think you'd made enough on one trip, it was still pretty safe and undetectable to make a second one, at which point you've made as much extra money as you'd have gotten by ripping off your partners, and nobody goes after you with a chainsaw.)
You could find a place which is unclaimed and _almost_ above water and do some construction work to make it at least a foot above high tide or whatever the official standards are for being _dirt_, which you can therefore get recognized as a country. A group of libertarians did this back in the 1970s with the Minerva Shoals, about 250 miles from Fiji and 400 from Tonga. Six months later the King of Tonga invaded and stole their country. I think they were still really living in boats at the time, eating a lot of fish.
Oi thought we was more of an autonomous collective!
Lack of IP laws provided one potential market - there'd been pirate radio running off Sealand in the 70s, why not pirate music and movies today? But the real source of potential revenue isn't selling expensive access to free content, it's gambling, running Internet casinos from a jurisdiction that doesn't have gambling laws and doesn't have treaties with the US allowing the US to shut them down, and doesn't have treaties with the UK allowing the UK to tax them. The Havenco folks had experience with that business in the Caribbean, but Caribbean telecom infrastructure really sucks, whereas once you've built a short connection to shore, the UK and (a bit farther away) NL have all the connectivity you could want.
There are several problems with the RIAA launching cyber-attacks on Havenco. One is that back when Ryan was in charge, he was technically competent, so it's not very effective. Another is that it's not necessarily legal for RIAA, operating from the US or UK, to launch a cracker attack on a foreign target, especially because the attack necessarily affects Havenco's feeds from their UK and NL ISPs. It's less illegal for Havenco to crack back, though it would probably be suicidal, since their ISPs could decide that that was a good reason to cut them off for violating terms of service.
The way to get rid of Sealand is by *accident*. "Ooops, that barge of barrels of petrol slipped off our tugboat in the storm and it's headed right for you and we just *can't* control it. Terribly sorry..."
That doesn't usually determine who has the right to sell and distribute the code (usually that either gets owned by whoever buys the remains of the company or else gets sold along with the chairs and espresso machine or whatever), but it at least protects the customer against being dependent on abandonware, and the escrow agreements can clarify that the customer has access to it for N years under whatever conditions.
It's not the only reason, but one of the main reasons that most Unix email programs did relaying was the need to connect between different kinds of email systems - if your machine wasn't smart enough to reach BITNET:user%foo@berknet , you'd send it to somebody smarter or better connected or likely to be closer in a protocol-hop way to the recipient, and they'd try to deliver it. Since everybody was friendly back then, there wasn't a major abuse problem, and email systems that were expensive (like Fidonet) didn't relay for unregistered people, unless they were sponging resources off of large companies (like several Bell Labs uucp relays ihnp4 and allegra, for whom it was mostly funny-money.)