On Wed, 10 Jul 2002, Theo Van Dinter wrote:
> I see it much like security: stopping the robber at the fence is better
> than stopping them at the front door, which is better than stopping them
> at the room door, which is better than stopping them at the safe door.
I agree. But you can't strip search everyone. And you can't trust everyone
who says "trust my dns server to only give out spammers". Anything that
goes through a relay (either open or closed) can be filtered without
blocking all mail from the relay.
Is it necessary to block (open or closed) relays to block spam?
It is necessary to operate open relays in some cases. Open relays usually
aren't closed as a result of the open relay scanners. The scanners
advertise information they don't need to advertise, and smugly promote
abuse.
Some of the better known open relay black lists have been demonstrated to
be revenge sites. (ORBS was shutdown after it lost on this, though for
contempt, not because of the loss)
You do the math, and make your decision. I don't think we can get
further by argument.
> > Its not the idea of blacklists that is flawed, its the idea that open
> > relays should be blocked that is flawed. An open relay black list is
> > either naive and misled, or it is an abuser.
>
> Your views contradict the majority of Internet users.
The user community? Yes, well, now _there_ is a community that has a lot
of knowledge on relay abuse, and who is conducting it. Most of them don't
know what cisco means nor the concept of logging, and believe the false
and absurd claims. Why shouldn't they believe whatever they hear on the
net from those who shout the loudest? They are stunned to find that we
know they were using our relays, and who they were sending mail to. Even
abuse admins have been stunned in the past, when we've caught them abusing
our relays from their desktops. One admin was fired, after (repeatedly)
trying to prove that our relay was free.
No one (except me, maybe) wants to step out and tell these people they are
wrong. If you did, they'd start abusing your relays. It has indeed
happened to us, but I think overall it strengthened our protection. Thats
why most ISP's keep their relays secret, and only give them out to larger
customers that need them. And thats why they block relay scanners. And
thats why most open relays are never closed, a fact acknowledged on some
of the anti-relay sites. They are kept open because they serve a purpose,
and are protected as best as can be from those who seek to abuse them.
Anyway, I've said all I can think of to say. Goodnight.
--Dean
---
Send mail for the `bblisa' mailing list to `[EMAIL PROTECTED]'.
Mail administrative requests to `[EMAIL PROTECTED]'.
