[26734] in North American Network Operators' Group
Re: Fw: Administrivia: ORBS
daemon@ATHENA.MIT.EDU (Henry R. Linneweh)
Fri Jan 14 16:39:50 2000
Message-ID: <387F96E2.99ECFACF@concentric.net>
Date: Fri, 14 Jan 2000 13:36:34 -0800
From: "Henry R. Linneweh" <linneweh@concentric.net>
Reply-To: linneweh@concentric.net
MIME-Version: 1.0
To: Shawn McMahon <smcmahon@eiv.com>
Cc: "Edward S. Marshall" <emarshal@logic.net>, nanog@merit.edu
Content-Type: multipart/alternative;
boundary="------------81F6415AAA13B0D104A47A68"
Errors-To: owner-nanog-outgoing@merit.edu
--------------81F6415AAA13B0D104A47A68
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Thank you for reading deeper into the issue and pointing this out..
Shawn McMahon wrote:
> Please refer to this paragraph from their FAQ:
>
> If you'd like to firewall the test machine, go right ahead. You'll test as
> fixed, then be removed from the database and you can bask in the false
> sense of security that you're not included as an open relay. Meantime, what
> will probably happen is that various spammer probes will find you, add your
> machine to the lists which they sell and hundreds of junkmailers will relay
> their crud through you - then you'll end up in our static table as a
> verified open relay when someone mails us that spam and we confirm there's
> a firewall up against our tester. Additionally, you'll most likely end up
> in dozens, if not hundreds of blocking lists operated by individual admins
> as they receive spam via your server - and it's far easier to get out of
> ORBS than out of a whole bunch of lists you've never heard of. If you must
> firewall, do it properly and only allow your own machines access to the
> open relay.
>
> I refer you specifically to the last part of the third sentence:
>
> "...and we confirm there's a firewall up against our tester."
>
> And we *CONFIRM*. Not speculate, not hear, CONFIRM.
>
> If they aren't doing that, they're wrong. That's my position.
>
> To say that my position denotes ignorance as to their policies is asinine.
>
> I'm done with this thread.
>
> At 07:59 PM 1/13/2000 -0600, you wrote:
>
> >Why should the ORBS maintainers attempt to work around that very explicit
> >request from the network administrators to not probe their network? Their
> >most ethical and reasonable option is to add that address block manually
> >to the listing, because they cannot (without explicitly acting against the
> >wishes of that network's administration) verify that the addresses in that
> >space are relaying or not.
--
Thank you;
|--------------------------------------------|
| Thinking is a learned process so is UNIX |
|--------------------------------------------|
Henry R. Linneweh
--------------81F6415AAA13B0D104A47A68
Content-Type: text/html; charset=us-ascii
Content-Transfer-Encoding: 7bit
<!doctype html public "-//w3c//dtd html 4.0 transitional//en">
<html>
Thank you for reading deeper into the issue and pointing this out..
<p>Shawn McMahon wrote:
<blockquote TYPE=CITE>Please refer to this paragraph from their FAQ:<font color="#FF0000"></font>
<p><u><font color="#FF0000">If you'd like to firewall the test machine,
go right ahead. You'll test as</font></u>
<br><u><font color="#FF0000">fixed, then be removed from the database and
you can bask in the false</font></u>
<br><u><font color="#FF0000">sense of security that you're not included
as an open relay. Meantime, what</font></u>
<br><u><font color="#FF0000">will probably happen is that various spammer
probes will find you, add your</font></u>
<br><u><font color="#FF0000">machine to the lists which they sell and hundreds
of junkmailers will relay</font></u>
<br><u><font color="#FF0000">their crud through you - then you'll end up
in our static table as a</font></u>
<br><u><font color="#FF0000">verified open relay when someone mails us
that spam and we confirm there's</font></u>
<br><u><font color="#FF0000">a firewall up against our tester. Additionally,
you'll most likely end up</font></u>
<br><u><font color="#FF0000">in dozens, if not hundreds of blocking lists
operated by individual admins</font></u>
<br><u><font color="#FF0000">as they receive spam via your server - and
it's far easier to get out of</font></u>
<br><u><font color="#FF0000">ORBS than out of a whole bunch of lists you've
never heard of. If you must</font></u>
<br><u><font color="#FF0000">firewall, do it properly and only allow your
own machines access to the</font></u>
<br><u><font color="#FF0000">open relay.</font></u>
<p>I refer you specifically to the last part of the third sentence:
<p>"...and we confirm there's a firewall up against our tester."
<p>And we *CONFIRM*. Not speculate, not hear, CONFIRM.
<p>If they aren't doing that, they're wrong. That's my position.
<p>To say that my position denotes ignorance as to their policies is asinine.
<p>I'm done with this thread.
<p>At 07:59 PM 1/13/2000 -0600, you wrote:
<p>>Why should the ORBS maintainers attempt to work around that very explicit
<br>>request from the network administrators to not probe their network?
Their
<br>>most ethical and reasonable option is to add that address block manually
<br>>to the listing, because they cannot (without explicitly acting against
the
<br>>wishes of that network's administration) verify that the addresses
in that
<br>>space are relaying or not.</blockquote>
<p>--
<br>Thank you;
<br>|--------------------------------------------|
<br>| Thinking is a learned process so is UNIX |
<br>|--------------------------------------------|
<br>Henry R. Linneweh
<br> </html>
--------------81F6415AAA13B0D104A47A68--
