North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: and other impatient Postfix mailers everywhere(fwd)

  • From: Joe Shaw
  • Date: Fri Aug 03 01:43:27 2001

On Thu, 2 Aug 2001, Mitch Halmu wrote:

> > Whatever.  If you find the service valuable, then you'll pay for it, if
> > you don't, then don't use it and go away.
> Valuable? Hehe. FYI, NetSide is on the MAPS RSS blackhole list:

Mitch, some of us would say that anyone who is there because of operating
an open relay is a good thing.

> A detailed account of our "crimes"...

And enough paranoid rambling about giving up control of your network to
Vixie and the government to make even me think you're a loon.  You also
talk about how things have always been.  Lord knows that The Internet has
not evolved over the past 6 years, right Mitch?  The argument that
sendmail has by default traditionally been implemented in an open relay
configuration or that sysadmins are too lazy to change the default config
are not strong arguments for your cause as there are technological
improvements to the existing standards that make it possible to relay
messages for remote users without running an open relay.  Cry all you
want, but the times have changed, and you either evolve or you die.  And
on a related note, I'm assuming that since you're unwilling to support
things like SMTP auth that you're also not willing to implement such
privacy ensuring technologies like TLS or POP w/ SSL.  And if you are
willing to support those new technologies, why not SMTP auth?

Hell, you're not even protecting your customer's privacy and account
information by allowing people to expn and vrfy accounts via your mail
server.  And even if you turned that off, since you allow mail relaying
from anyone, a person looking to harvest accounts or just get account data
could send an e-mail posing as that person to himself and you'd never be
the wiser.

You want to run an open relay, and that's your right to do so.  It's your
hardware, your software, and your time.  But because you run a mail
server does not mean that The Internet at-large has to accept mail from
you if every goon thinking we need ink jet refills or the latest porn can
send mail through your server that ultimately reaches our inboxes.  We
have the right to use a service that promises to stop that from happening.

If you don't like that, then do something constructive about it other than
whining on NANOG.  Every time you post to NANOG it's either on this
subject directly or you move the topic to talk about it.

Joseph W. Shaw II
Network Security Specialist/CCNA
Unemployed.  Will hack for food.  God Bless.
Apparently I'm overqualified but undereducated to be employed.