nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: ARIN whois

From: Dean Anderson <dean () av8 com>
Date: Thu, 25 Nov 1999 00:59:40 -0500

I have never heard them say anything of the sort.

I do know that ORBS is uncommonly good at blocking relays.   Much, much better than RBL. One admin I talked to recently 
told me about 8 of 10 relayed spams were identified by ORBS.  Of course, is ORBS that good, or is ORBS actually the 
source of the relay attacks?  I think the latter.  I know our attacks increased (started actually) after ORBS people 
started inciting attacks.

If it weren't for ORBS there wouldn't be so many relay attacks.

I think it would be helpful to block all traffic to ORBS as an organization that promotes and incites criminal 
activity.  I think port scanning from ORBS into the US can be blocked immediately by any ISP as an unauthorized 
security scan, and a security attack.   We block them not only from our servers, but all of our customers as well.  Of 
course, they still advertise our servers to spammer and antispammer attackers.  All I can do is keep listing them in 
our complaints to the FBI.  But more complaints will help.

                --Dean

At 03:19 AM 11/25/1999 +0300, Alex P. Rudnev supposedly said:

Btw.

They, antispammers, have one usefull policy. Yes, you can keep OPEN RELAY, if
you agree to restrict RELAYING FROM the wrong (existing in the ORBS or other)
sources.

It's just enougph for the business.

Alex R.



On Wed, 24 Nov 1999, Dean Anderson wrote:


Date: Wed, 24 Nov 1999 17:13:59 -0500
From: Dean Anderson <dean () av8 com>
To: J.D. Falk <jdfalk () cybernothing org>, nanog () merit edu
Subject: Re: ARIN whois


I'm surprised to see such poorly considered statements from JD. 

Unless SMTP AUTH (just released in sendmail 3 weeks ago) works in every client, and is support in MS Exchange, then 
we (that is we as an operations community) don't have the technology to practically authenticate it yet.  I too can 
write an authenticated SSL client & server to transfer mail between two computers. But its not useful unless its 
widely deployed.  Statements to the contrary are just foolishness in an operational context such as a real business. 
We are running a _BUSINESS_, not a research lab, with one server and one specially developed client.

We don't run relays out of laziness. We went out of our way to enable them. We go out of our way to monitor them for 
unauthorized use.  We would certainly prefer an authenticated mail system.  We have to live with what is currently 
deployed.

What annoys me about the pressure from the junior antispammer league is they go from "gee, you know you can close 
those relays" 

We respond "Yes, we know. We operate them on purpose for business reasons". At times, I've explained these business 
reasons in detail. The technical conclusion is then that we have to operate relays.

They then jump to "Thats unacceptable. You MUST CLOSE THEM". 

We say "No. Absolutely not."  

They say "Well, in that case we're going to start committing crimes against your service, posting to alt.2600, 
inciting attacks, and wasting your time, bandwidth, and computer resources until you agree to close them."  

We say, thats extortion.  We say that crimes against our service are crimes. We report them, and they will get 
eventually get punished, and we will work hard to get paid for the services rendered and the damages done by 
criminals.  We don't tolerate this sort of behavior.  Most companies don't.  

             --Dean


++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
           Plain Aviation, Inc                  dean () av8 com
           LAN/WAN/UNIX/NT/TCPIP          http://www.av8.com
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++




Aleksei Roudnev,
(+1 415) 585-3489 /San Francisco CA/




++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
           Plain Aviation, Inc                  dean () av8 com
           LAN/WAN/UNIX/NT/TCPIP          http://www.av8.com
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Previous By Date Next
Previous By Thread Next

Current thread: