nanog mailing list archives
Re: RBL-type BGP service for known rogue networks?
From: "Scott McGrath" <s_mcgrath () bexair com>
Date: Mon, 10 Jul 2000 21:40:44 -0400
On the ORBS Jihad The biggest problem with ORBS is the ASSUMPTION that we are all running sendmail. MANY corporate sites use SMTP gateways which do not exhibit the same behavior as sendmail for instance Notes 5.0.x will accept a UCE message and quietly drop it once it realizes that this is a UCE message if the UCE filters are enabled. This behavior will get you on the ORBS list and until Lotus creates a Notes/Domino gateway which fully emulates sendmail you cannot get off the ORBS list. or create a RELAY server which is based on current revisions of sendmail it is not an open relay but it is a relay nonetheless. Talk of IPsec tunnels is a good idea except does the infrastructure support it and is it LEGAL in some countries in the EU encryption by private citizens/organizations is illegal so we are back to needing to allow relay from defined netblocks. "Derek J. Balling" wrote:
Also, as I said, there are valid reasons to allow third-party relays. In fact, they are even required, depending on circumstances.Sorry... don't buy it. Upgrade your MTA to sendmail 8.10 or above and have your customers use current versions of their MUA's if they wish to travel. SMTP-AUTH is your friend and it appears to be fairly well supported now within the various consumer MUA's. (Admittedly, this time last year that wasn't necessarily the case) I fail to see an occurrence where an open relay is "necessary". Can you describe one for me? D
Current thread:
- RE: "top secret" security does require blocking SSH, (continued)
- RE: "top secret" security does require blocking SSH Greg A. Woods (Jul 09)
- Re: "top secret" security does require blocking SSH Greg A. Woods (Jul 09)
- Open Broadcast Amplifier networks list. Simon Lyall (Jul 12)
- Re: "top secret" security does require blocking SSH Stephen Sprunk (Jul 09)
- RE: RBL-type BGP service for known rogue networks? Sabri Berisha (Jul 09)
- RE: RBL-type BGP service for known rogue networks? Roeland M.J. Meyer (Jul 09)
- Re: RBL-type BGP service for known rogue networks? Richard Irving (Jul 09)
- RE: RBL-type BGP service for known rogue networks? Derek J. Balling (Jul 09)
- RE: RBL-type BGP service for known rogue networks? Roeland M.J. Meyer (Jul 09)
- Re: RBL-type BGP service for known rogue networks? Valdis . Kletnieks (Jul 10)
- Re: RBL-type BGP service for known rogue networks? Scott McGrath (Jul 10)
- Re: RBL-type BGP service for known rogue networks? Brett Frankenberger (Jul 11)
- OT: C&W Engineer Bradly Walters (Jul 11)
- RE: RBL-type BGP service for known rogue networks? Sabri Berisha (Jul 09)
- RE: RBL-type BGP service for known rogue networks? Roeland M.J. Meyer (Jul 10)
- RE: RBL-type BGP service for known rogue networks? Greg A. Woods (Jul 09)
- Re: RBL-type BGP service for known rogue networks? Shawn McMahon (Jul 09)
- Re: RBL-type BGP service for known rogue networks? Greg A. Woods (Jul 09)
- Re: RBL-type BGP service for known rogue networks? Shawn McMahon (Jul 09)
- Re: RBL-type BGP service for known rogue networks? Greg A. Woods (Jul 09)
- Re: RBL-type BGP service for known rogue networks? Shawn McMahon (Jul 10)