North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: Affects of the balkanization of mail blacklisting

  • From: David Luyer
  • Date: Tue Aug 14 06:41:02 2001

On 14 Aug 2001 05:55:56 -0400, Mitch Halmu wrote:

> I suspect that many other list members run, or are employed, by
> businesses, and make business decisions, rather than personal ones.
> I also happen to view Internet access as a service similar to those 
> provided by a common carrier.

You publically advertised repeatedly that you run an open relay.  If it
weren't for the RBL (and presumably your link size, as an ISP without
an ASN and running a single MX) your open relay would be streaming full
of UBE.  As it is, you're lucky -- your open relay is "poisoned" by
being on many blacklists so spammers probably don't bother with
it as much as other, "fresh" open relays.

RBL, and formerly ORBS, are/were useful services.  ORBS was a bit more
contraversial than RBL/MAPS but still far more mature than those
who have come to replace it such as ORBZ and ORBL, who have things
like mandatory 24 hour delays before they'll do a re-check to
confirm a relay as fixed and remove it from their lists.

As I'm sure most medium sized ISPs can tell you, you can't be on
RBL without significant customer complaints.  ORBS listing would
also attract a reasonable amount of complaints.  RBL and ORBS listings
were sufficient to coerce the largest non-multinational ISPs in
Australia to change their ways and become more careful about

Another way of saying it - relay blocking lists (in general, not
just RBL) are the e-mail communities' equivalent to the Usenet
Death Penalty, which in turn has caused many a large ISP to
review their Usenet spam problems -- possibly not as effectively.

You talk of government control.  The Internet doesn't exist under
one government.  Even the ISP I work for spans half a dozen
governments ranging from one with extreme censorship, a virtual
police state to a country where it costs less than a single note to
get someone killed.  Consider this.  The users vote with their
custom to the ISP.  The ISPs vote with their configuration and
choose the trusted community members who can determine who is
right and who is wrong.  Paul Vixie is one of those trusted
members of the internet community.

As to inconvenience, in each country we handle multi-level open
relay cases involving our clients daily.  At a university I worked
at, I developed a class B network scanner to scan for open relays
in a class B of address space in under a minute in order to prevent
open relays at the university.  Initially there were many hundreds;
in fact, in March 1998, 255 of our 394 mail servers at that
university were open relays.  But by August that year, that number
had dropped to 13 of the 230 machines which remained as mail servers
(almost half the machines which were running e-mail servers at
the university were doing it because it was installed by default).

Sure, it's a major hassle to clamp down on all open relays -- but
open relays are used for the transfer of massive amounts of spam to
avoid the blacklisting of the original source.

We're even having to code new restrictions for scripts
all over the place because spammers are abusing scripts
(forged headers to make the submission look legit to the traditional
criteria for a valid post) out of desperation now that open relays
are becoming increasingly rare.
I guess you block SpamCop reports too as an intrusion on your time
or your free rights to determine what is abuse and what isn't?
David Luyer                                     Phone:   +61 3 9674 7525
Engineering Projects Manager   P A C I F I C    Fax:     +61 3 9699 8693
Pacific Internet (Australia)  I N T E R N E T   Mobile:  +61 4 1111 2983                      NASDAQ:  PCNTF