I'm glad Road Runner is doing their part to protect the net. :-)
On Fri, 2003-03-14 at 16:44, lfwelty wrote: > Can anyone local comment? > > Don't get yourself in trouble w/ ... > Just interested in a local perspective. > > [disclaimer: I assume all posts are personal opinions unless > explicitly stated otherwise. Do not assume everyone else will > take this position.] > -- > ------------------------------------------------------------------ > Frank Welty | 15401 Weston Parkway, Suite 150 > [EMAIL PROTECTED] | Cary, NC 27513 > Redback Networks | desk:919.678.2175 m: 919.264.7495 > ------------------------------------------------------------------ > ---- > > From: Declan McCullagh <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] > Subject: FC: Email a RoadRunner address, get scanned by their security system > Date: 14 Mar 2003 15:25:46 -0500 > > > --- > > Date: Fri, 14 Mar 2003 15:22:24 -0500 > Subject: RoadRunner Automated Portscans > From: Gunnar Hellekson <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] > > After sending an email to a friend at a RoadRunner address, I see this in > my web access log: > > 24.30.199.228 - - [13/Mar/2003:15:11:25 -0500] "CONNECT security.rr.com:25 > HTTP/1.0" 404 535 "" "" > > Basically, RoadRunner tried to spam themselves using my server. I mailed > [EMAIL PROTECTED] about this, and received a canned response, enclosed. It's a > humble response, but woefully inadequate. Have anti-spam measures come to > this? This seems like an ill-considered compromise between privacy and > anti-spam efforts. A blunt instrument that betrays less-than-careful > thinking. The opt-out option, which was revealed only after my complaint, > is even more obnoxious. > > Under their logic, I feel entitled to poke and prod their customers, just > to make sure they don't spam me. Is that fair? I promise to provide an > opt-out if anyone complains. > > I'm curious whether this preemptive measure is effective at all. > > -Gunnar > > >From: "Road Runner Security \[DSR\]" <[EMAIL PROTECTED]> > >Date: Fri Mar 14, 2003 2:05:12 PM America/New_York > >Subject: Re: Port scans? > > > >Hello, > > > >The securityscan.sec.rr.com machine is a Road Runner Security resource that > >is used as a tool to assist us in determining if machines being used to > >send us mail may be abused from outside sources, allowing them to be used > >to spam our customers and role accounts. We fully understand your concerns > >surrounding the probing of your machine. This issue has been raised > >internally and we hope this email helps you better understand our process. > > > >The intention of this process is truly not meant to be a "big brother" > >system, but we understand that some may view it as such. Our ultimate goal, > >however, is to protect our network, our customers, and our role accounts. > > > >Road Runner has begin the REACTIVE testing of IP addresses which connect > >to its inbound SMTP gateways. If your machine connects to ours to send > >email, we reserve the absolute right to perform SMTP relay and open proxy > >server tests upon the connecting IP address to ensure that the machine at > >that IP address cannot be abused for malicious > purposes. > > > >These scans are done once per week per IP, via an automated process, and > >only on those servers that have sent our subscriber base mail. The only > >way for these tests to occur is if an IP address connects to our inbound > >SMTP gateway. If found to be an open proxy or smtp relay, the IP address > >will be blocked at our mail gateway borders with one of the following > >error messages: > > > >ERROR:5.7.1:550 Mail Refused - See > >http://security.rr.com/mail_blocks.htm#proxy > >ERROR:5.7.1:550 Mail Refused - See > >http://security.rr.com/mail_blocks.htm#relay > > > >We understand that some entities may not wish to be scanned as part of this > >automated process. If you do not wish to be tested by Road Runner, there > >are two ways to accomplish this: > > > >1. Send an e-mail to '[EMAIL PROTECTED]' with the IP address that > >you do not wish to be tested. Please note that if you are not the > >designated contact for your IP address range (for example, if you are on a > >cable modem, DSL, or dialup range), we will be unable to fulfill your > >request for addition or removal. > >2. Do not connect to our inbound SMTP servers. Again, this test is only > >conducted on servers that connect to our servers. > > > >If you have any further questions, you can visit http://security.rr.com or > >contact Road Runner Security via e-mail at '[EMAIL PROTECTED]' > > > >Regards, > >Road Runner Security > > > > > > ------------------------------------------------------------------------- > POLITECH -- Declan McCullagh's politics and technology mailing list > You may redistribute this message freely if you include this notice. > To subscribe to Politech: http://www.politechbot.com/info/subscribe.html > This message is archived at http://www.politechbot.com/ > Like Politech? Make a donation here: http://www.politechbot.com/donate/ > ------------------------------------------------------------------------- > Declan McCullagh's photographs are at http://www.mccullagh.org/ > ------------------------------------------------------------------------- > > _______________________________________________ TriLUG mailing list http://www.trilug.org/mailman/listinfo/trilug TriLUG Organizational FAQ: http://www.trilug.org/~lovelace/faq/TriLUG-faq.html
