North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Now the idiots at ORBS are probing random dial-ups

  • From: Greg A. Woods
  • Date: Fri Aug 25 10:35:57 2000

[ On Friday, August 25, 2000 at 08:42:33 (-0400), Shawn McMahon wrote: ]
> Subject: Re: Now the idiots at ORBS are probing random dial-ups
> On Wed, Aug 23, 2000 at 05:40:34PM -0700, L. Sassaman wrote:
> > 
> > server at all. Since there's rarely any legitimate reason for someone to
> > be sending mail from a mail server on a dialup line, this easily blocks a
> > large source of spam with little risk.
> Businesses all across the country are going online now with DSL.
> Many DSL providers use PPPoE, putting you smack in the middle of their dialup
> pool.
> So, your information was correct as recently as a year ago, but it's out of
> date now.

How does that change the picture?  It shouldn't be any different!

Many businesses in this region used dial-up lines until connectivity
costs came down.  They often had their own e-mail servers, but they were
still relaying through the ISP's outbound SMTP relay host.

The only difficulty was with massive exploitation of multi-level relays.
It took a lot of time, and a lot of different people putting pressure on
ISP postmasters to make them realise that they were also suffering theft
of service when their customers were forwarding spam through their
mailers.  Finally as a result of major relays being listed repeatedly in
ORBS and other spam-server lists, most ISPs instituted various types of
policies to prevent their customers (and themselves) from being relay
raped.  Some did the simple thing and blocked direct SMTP connections to
and from their customers, forcing all e-mail to be relayed through their
secured servers.  Others perform regular checks of their customer IP
blocks for unauthorised and insecure mail servers.  Even @Home does
regular scans for mail servers for this very reason!

Unless static IP space is delegated directly to a customer then there's
no reason to believe that any mail server running in that space is
legitimate.  SMTP just does not play with dynamic IPs, especially if you
don't have reliable, secure, dynamic DNS updates on both the forward and

							Greg A. Woods

+1 416 218-0098      VE3TCP      <[email protected]>      <robohack!woods>
Planix, Inc. <[email protected]>; Secrets of the Weird <[email protected]>