[56198] in North American Network Operators' Group
Re: anti-spam vs network abuse
daemon@ATHENA.MIT.EDU (David Schwartz)
Fri Feb 28 00:58:22 2003
From: David Schwartz <davids@webmaster.com>
To: <jlewis@lewis.org>, <nanog@merit.edu>
Date: Thu, 27 Feb 2003 21:57:44 -0800
In-Reply-To: <Pine.LNX.4.44.0302272159530.12785-100000@redhat1.mmaero.com>
Errors-To: owner-nanog-outgoing@merit.edu
On Thu, 27 Feb 2003 22:36:37 -0500 (EST), jlewis@lewis.org=
wrote:
>This sort of activity is becoming more common / mainstream, so
>people
>ought to just get used to it. Road Runner is doing the same=
thing
>(according to http://sec.rr.com/probing.htm) which is pretty=
ironic
>given
>how their security department has gotten along with (or not)=
various
>DNSBLs in the past.
=09It has always been my opinion that if somebody connects to you,=
they
are implicitly granting you the right to connect back to them on=
well-known ports. I have discussed this opinion with several=
dozen
people and have yet to find one who disagrees. (Though I'm sure
they're probably out there.)
=09I've dealt with any number of abuse complaints, many from
governmental and quasi-governmental group. They've all accepted=
my
cut/pasted explanation and we've been whitelisted by several such=
organizations.
=09I often use the following as the 'meat' paragraph of my reply:
"In accord with our terms of service, when someone makes a=
connection
to one of our machines, we make connections back to them to=
ensure
they're not connecting through an open proxy. These connections=
are
to each of the ports on which such proxies commonly run and some=
ports may require more than one connection to test multiple
protocols. We never do such a probe except as a response to a
connection made to us."
--
David Schwartz
<davids@webmaster.com>
