North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Fw: Administrivia: ORBS

  • From: Edward S. Marshall
  • Date: Thu Jan 13 21:32:42 2000

On Fri, 14 Jan 2000, Alex P. Rudnev wrote:
> > So if I am an open relay, and I know it, all I have to do is block ORBS to 
> > continue without fear of reprisal?
> Until no one use you as open spam-relay, it's not more than your personal
> concern.

If you're running an attractive nuisance, it's simply a matter of time
until someone -does- find you.

ORBS is simply being proactive about it, on advisement from people around
the Internet.

> What ORBS is doing is like some man who is walking by the street and,
> if you forgot to close your car, break the ignition locks and write
> message _dear sir; you did not closed your car, and it could be stolen
> or used for the crime; to prevent it, I broke your car - now bad guys
> could not abuse it for their dark purposes_. Guess when this man
> finish his work?

ORBS is NOT damaging your car, your network, or your ability to provide
service. ORBS is merely letting you know that you left your car parked
without the emergency brake on, and that it might roll down the hill and
run over someone when you're not looking. And it's letting people who
might be in the area know too. Yes, this means that someone might give
your car a quick shove down the hill. But it also means people can get out
of the way first. Aren't analogies fun?

ORBS is simply investigating and reporting mail servers which are provable
open relays, and netblocks which are unverifiable due to administrative
choice (either requesting addition to the listing, or by blocking the
testers). It's making use of information that is easily obtainable, on the
suggestion from someone who has probably already checked that you might be
a good choice to investigate (meaning someone has already noticed you, and
you're not hidden from view anymore).

I get regular ORBS probes, and I welcome them. As long as my service is
not directly impacted by those probes (ie. they start bogging down my
systems with tests, or consume a noticable chunk of bandwidth), I'll
continue to do so.

> Just the same ORBS. It's your concern to have open relay as long as it
> does not bother others.

And it's my prerogative to not listen to your mail server if I believe it
is being operated negligently, if I don't believe your mail is RFC
conformant, or if it's tea time. *shrug* ORBS helps me in making my
decision with the first part. I decide if it's tea time by myself. :-)

Edward S. Marshall <[email protected]>
[                  Felix qui potuit rerum cognoscere causas.                  ]