nanog mailing list archives

Previous By Date Next
Previous By Thread Next

RE: RBL-type BGP service for known rogue networks?

From: Sabri Berisha <sabri () vuurwerk nl>
Date: Sun, 9 Jul 2000 17:26:40 +0200 (CEST)

On Sat, 8 Jul 2000, Roeland M.J. Meyer wrote:


I agree. MHSC lost an entire market plan, hosting third-party
secure mail, becasue third-party mail services must allow
relaying that is at minimum semi-open. At the time SMTP AUTH
didn't exist (Until it's use becomes more wide-spread it still
isn't real useful). The anti-relay bunch are killing a valid
business model. 


I can understand your grief. However, I expect you to have the same commen
sense most of us have and you will probably know who to blame for this. Do
you wish to blame the spammers or the volunteers who fight spam?


Even for internal use, we have staff, on
client-site, that need to send/recieve their mail from our
servers, even when their lap-top is DHCP attached to another
net-block. Every week we find ourselves having to open the relays
more and more. Next week, I am travelling to the EU on business.
That's yet more net-blocks that I have to allow relaying from.


I know of an isp in the netherlands that has it's relay open for their
users from all over the world. They built this system that checks if you
have logged on using pop3 at least 1 time in the lasts 5 minutes. If you
did; you can relay. If you did not; your mail will be rejected.
http://www.dds.nl is the project; their admins can tell you more.


A single ORBS forged header, with the right source info in it,
will pass right through our mail system, like it was greased. The
whole anti-relay jihad is a fallacious rat-hole populated by
rabid self-righteous rats who don't have a clue. If they don't
need it then it must not be a valid feature <humph!>. ORBS itself
should be RBL'd, IMHO.


Well now, I think we can have a discussion without calling each other bad
names, can't we?


Using the same sort of mind-set to subjectively BL script-kiddee
networks is dangerous, as the ORBS bunch has shown. It is all too
easy for it to get out of hand, vigilante-style. What are the
criteria and who has the over-sight?


You can find the criteria on http://www.orbs.org


That said, having had a few of our production hosts "owned", by
mwsh in the past, I am NOT fond of script-kiddies and agree that
something needs to be done. But, I am seriously resistant to yet
another ORBS style regulator bunch. That is NOT the answer.
Please, let's all look for another solution.


You are free to come with a proposal?

-- 
Sabri Berisha
Previous By Date Next
Previous By Thread Next

Current thread: