North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Fw: Administrivia: ORBS

  • From: Alex P. Rudnev
  • Date: Sat Jan 15 21:10:24 2000

Just again. The problem is not the mail relay blocking. Most ISP have good AUP's
and in case if you send complain about SPAM source or SPAM relay, they close it
at once.

The problem is not with the RBL list which, of course, cause some headache
amongs the network admins, but is conservative enougph to be used for the
protection - because those and only those hosts are announced by this list which
really are or was the spam relays. This means - we can trust to this list,
because if some relay was really used as the spam relay, it means sysadmin
really is interested to close it's free relaying (at least to stop this spam
relaying), and (because spam relaying waste network and relay resources) he
(sysadmin) usially are doing it. As the result, RBL usage do not cause us to
lost many important mail (through it cause some lost and I can't recommend using
it if you really depend of e-mail for your business or your life).

But ORBS is another issue. Having open relay is not the crime - the crime is
sending (directly or undirectly) the spam. There is different ways to fight the
spam relaying, not the simple relay closing only (for example, you can use smart
filterring, deny relaying for multi address messages only, etc etc). This means
- if someone have mail server, and this server is not sending spam, it's not the
reasons to cause sysadmin to do something with it (even if it's open relay by
the nature). ORBS idea is the opposite - _YOU MUST LOCK YOUR DOOR, if you are
not doing this, we'll enter and spoil the redinks and cause you to close your
door by the keys_. It means - they cause a lot of headache over the network
admins in the situation, when this headache could be avoided by doing NOTHING.

Results are simple - first, it's not possible to use ORBS for those who depends
of the e-mail (and if you use ORBS, my advice is to not use E_MAIL at all),
second - a lot of network admins protects their sysadmins by filtering ORBS out.
Just as the boy from the russion tail - first, he cried every evening _safe me,
mother, it's a wolfs behind me_, then, when he meet the wolf in the forest, no
one helped him because no one trusted him already. Just the same - ORBS list is
the paranoyed list, and no one in the sane mind can trust this list. 

And so, wot for we are discussing the crazy service holded by the paranoyed

On Sat, 15 Jan 2000, Greg A. Woods wrote:

> Date: Sat, 15 Jan 2000 17:22:49 -0500 (EST)
> From: Greg A. Woods <[email protected]>
> Reply-To: North America Network Operators Group Mailing List <[email protected]>
> To: North America Network Operators Group Mailing List <[email protected]>
> Subject: Re: Fw: Administrivia: ORBS
> [ On Saturday, January 15, 2000 at 23:04:14 (+0300), Alex P. Rudnev wrote: ]
> > Subject: Re: Fw: Administrivia: ORBS
> >
> > Their customers != Their blocks, it's the problem. For example, the customers
> > (mail customers) of ISP-1 can work through dialup or ISDN account of the ISP 2,
> > etc. And it makes such access lists very long and relays relatively open (I know
> > ISP whose relays are open for all russion netblocks, not for his own netblocks).
> So long as you're not trying to do this kind of access control on your
> core router there should be no problem.  There are lots of
> high-performance filtering devices available today for very reasonable
> prices, adn you can build your own with free software on commodity
> hardware too.
> -- 
> 							Greg A. Woods
> +1 416 218-0098      VE3TCP      <[email protected]>      <robohack!woods>
> Planix, Inc. <[email protected]>; Secrets of the Weird <[email protected]>

Aleksei Roudnev,
(+1 415) 585-3489 /San Francisco CA/