North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: anti-spam vs network abuse
I haven not checked NJABL but some of the other other open relay testers use scenarios that are illegal (actually criminal) in California. Roy [email protected] wrote: > We (Atlantic.Net) have gotten a flurry of abuse complaints from people > who's systems have been scanned by 209.208.0.15 (rt.njabl.org...a DNSBL > hosted on our network). I'm hoping the new PTR record will head off many > complaints now. > > For the past 15 months, NJABL has reactively tested systems that have > connected to participating SMTP servers to see if those systems are open > relays. Just over a week ago, NJABL added open proxy testing to its relay > testing software. The proxy testing checks for a variety of common proxy > software/protocols on about 20 different ports simultaneously. This is > apparently setting off some IDS/firewall alarms. > > We do not consider what NJABL does abuse, and we reply to all the > complaints explaining that the complainant should go have a look at > http://njabl.org/ and hopefully they'll understand why their system was > scanned. > > This sort of activity is becoming more common / mainstream, so people > ought to just get used to it. Road Runner is doing the same thing > (according to http://sec.rr.com/probing.htm) which is pretty ironic given > how their security department has gotten along with (or not) various > DNSBLs in the past. > > BTW...in the week that NJABL has been testing for open proxies, more than > 18000 have been detected, pretty much all of which are actively being > abused by spammers, else mail would not have come through them. > > ---------------------------------------------------------------------- > Jon Lewis *[email protected]*| I route > System Administrator | therefore you are > Atlantic Net | > _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
|