North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Fw: Administrivia: ORBS

  • From: George Herbert
  • Date: Sun Jan 16 18:11:16 2000

Danielle writes:
>In effect, is (by filtering the ORBS probes) licensing every
>single IP in their /16 to spam via the sordid and detailed means that
>ORBS works to prevent.
>This is an incorrect assumption? Please educate me as to how this is the 
>wrong way to view this.

There seems to be some sort of implicit assumption in this,
and many other postings to NANOG, that if you disagree with
ORBS you must be pro-spam, or at least tolerant or neglegent
with respect to it.

Dave Rand is the CTO of Abovenet.  Dave helped found the RBL 
with Paul Vixie, and has been involved at least on and off
with MAPS LLC [I hope this is an accurate one sentence historical
summary... someone can correct this if it isn't...].   As far as
I can tell, there is no backbone provider which actually responds
better to spam problems in its network than Abovenet does.
They have one of the best AUPs out there and enforce it very, very well.

Various folks who are and/or have been involved with ORBS have
had antagonistic relationships with quite a number of other
spam fighters over the years.  This has led to admitted incidents
where non-open-relays were ORBS listed because they were run by people
who were disagreeing with ORBS in public.  Although any sort of
generalization has its flaws, the RBL-centric anti-spam crowd
on the [email protected] list generally believes that ORBS and its approach
of netblock scanning and test messages are net abuse, beyond appropriate
responses to spam, and that ORBS is run by people who put personal
conflicts at the same level as actual spam problems.

Part of this obviously is just personality and politics.
At the technical and operational level, though, this has
significant impacts: a wide number of people who are undoubtedly
actively anti-spam believe ORBS scanning constitutes net abuse,
and believe that ORBS listing of persons who merely have
personal conflicts with ORBS operators is inappropriate
for a resource being used by such a large portion of
the net.  This is more or less the whole reason why
RBL/MAPS started the RSS; the RSS is, arguably, what ORBS
should have been all along: it doesn't scan for open
relays unless a valid report is in hand that the relay
is being abused.  It uses RBL's professionalism and
documented policies so that it has publically known and
trusted behaviour rather than arbitrary and personal.

For all of those reasons, it is quite possible to be
actively and responsibly anti-spam but very much opposed
to the methods of ORBS.  I personally believe that ORBS
has consistently taken actions which are in the long
run going to have negative consequences on the efforts
to combat spam, such as the personal attack listings
and such, and its antagonizing any number of networks
by refusing to stop scanning them.  I urge anyone who
is using ORBS to consider these issues, research the
RBL/MAPS approach ( and reconsider
whether ORBS is, in the long run, the approach to spam
blocking which is best for you and for your networks.
The ORBS approach is not the only viable one, and not
the only valid one, and while it does work the negative
consequences of its approach should not be ignored.

Please note that I am not speaking for MAPS, the RBL,
or anyone else in this matter other than myself
(I have done some minor stuff for the RBL before but am not
actively involved now), though I believe that the consensus
opinions from the [email protected] crowd that I have paraphrased
above accurately represent that mailing list / group of
people's opinions on the subject.  I also would like to
note yet again that I am not at this time and have not
been for some years a CRL employee, just a shell account
end user, and my opinions on this matter should not be
associated with CRL in any way.

-george william herbert
[email protected]