North American Network Operators Group

Re: RBL-type BGP service for known rogue networks?

  • From: Stephen Stuart
  • Date: Sat Jul 08 14:26:37 2000

> I do not see how you would check if a machine is an open relay without
> testing, tho.

MAPS doesn't test any machine without an incident of SPAM being
reported. Does ORBS, in fact, only test relays that have been
reported? 

If so, I'd love to know why I'm on the list, as was reported to me
(just yesterday, amusingly enough, by someone who tells me they tag
ORBS-listed mail but do not reject it). My outbound mail comes from
behind a firewall, and my inbound relay is secured against third-party
relay and does not prevent testing by anyone (that's not an invitation
to test, by the way). My crime appears to be having an address block
in the same prefix as the MAPS people - and not on the AboveNet
network.

AboveNet (AS6461) does not host MAPS. MAPS is serviced by the AS3357
network, which is owned by the same entity, MFN, that owns the
AboveNet network (AS6461). The routing policies of the two networks
are *different*.

The AS3557 network uses the MAPS RBL feed in BGP mode to attempt to
ensure that any address or block on the list *can* communicate with
the MAPS staff by email, or reach the various MAPS servers that would
allow them to figure out what's going on and how to make it stop. I
know, because I made it work that way at MAPS' request.

So - I don't run an open relay, which can be verified (and I suppose
my logs will be full of tests now that I've mentioned it), so why am I
listed on ORBS? My guess is that since I happen to be in a block
advertised by AS3557, I got caught up in either the ORBS-AboveNet
jihad or the ORBS-MAPS jihad.

Stephen