In <20000117111634.A2644@forge.tanstaafl.de> Henning P . Schmiedehausen (hps@tanstaafl.de) wrote:
> alan@lxorguk.ukuu.org.uk (Alan Cox) writes:
>>> You missed my qualifier. I asked that ORBS not be used while they practice
>>> their policy of global blacklisting. I fully support ORBS in it's efforts
>>> to stop spam by affecting the broken systems. Any servers on Above.net
>>> address space that are open should be listed. The other hundreds of
>>> thousands should remain fully free. Especially when the ones I touch are
>>> listed in the database as anti-spam compliant.
>>> Is generic blacklisting right?
>>Learn to use ORBS properly and -you- get to pick if you filter netblks too
>>or not. Its not hard, if the A record on the check is 127.0.0.4 its a netblk
> This is the problem. Most people just drop the generic "lets use ORBS"
> config into their mailers and don't judge.
> BTW: I just started an experiment: I reported one of my machines,
> which is currently down and turned off and another one, which is up
> but not running SMTP (never will) to ORBS as open relay. I want to
> find out what happens.
> One of the bigger concerns I have with ORBS is the following situation:
> - Joe L. Dialupkiddie [1] dials into his ISP. He is reported to the
> ORBS database by a "friend" from the IRC, his out-of-the-box Linux
> distribution contains an open sendmail which is run at startup (JLD
> does not even know what sendmail is nor does he ever uses it [2]. He
> uses Netscape for Mail). ORBS takes his (dynamically assigned) IP
> address into its database.
> - Some days later, one of our Linux Wizards (lets call him "Khimenko
> Victor") wants to send mail to you. He dials into his ISP, gets the
> address previously used by Joe L. Dialupkiddie and your mailer
> rejects his mail because the address is in the ORBS database.
Oh, no ! It'll not happen ! This address will be rejected via MAPS DUL
(http://mail-abuse.org/dul/) and ORBS will not even come into game !
That's why "our Linux Wizard" should use his IPS's mail relay to send mail
(or to get statically assigned address). And he doing that :-)
=>> Using ORBS has damaged your communication.
> This scenario is the main reason I don't use ORBS for the mailers I
> administrate. In an age where IP address reuse and masquerading is
> done in big numbers, it is simply unfair to block on addresses. You
> can and you will hit the wrong people.
There are no "magic bullet". You can allow lots of spam or you can reject
legal mail. Thus there are quite a few lists: MAPS RBL, MAPS RSS, MAPS DUL
and ORBS. You have choice.
> And it is unfair on ORBS to put the load on the ISPs. I do consulting
> at an ISP where we have > 10.000 dialup customers. About 5% of these
> use Linux on a regular base for dialling up which is about 500 users.
You can block all SMTP to/from that dial-up accounts :-) And this is EXACTLY
what should be done.
> All of these consider themselves "computer whizzes" just because they
> can insert a Linux CD into their drives and follow the out-of-the-box
> instructions. None of these will ever be persuaded by an "admin from
> your ISP" that they're doing something wrong because they're fourteen
> years old, 3LiT3 because they're running L1n|_|xZ and would never
> listen to the advice of "old men which are not c00L". 99% of these
> don't even know what a sendmail is, neither that they run one. Neither
> how to prevent "SPAM blocking" on their mailers.
Even less amount of them NEED SMTP servers there. And is 100 peoples out of
10000 really need SMTP by some strange reason they can be educated and after
that you can open SMTP for them. With static IP. Usually with for additional
fee. It's NORMAL ISP's policy.
> They damage the other > 9500 regular dialup users because some of the
> dialup-addresses were put into ORBS.
They damage only 100 "superadvanced" users. Other 9400 will use ISP's relay
anyway and will not be affected.
> And the blame is put on the ISP (which is proactive against SPAM. We used to
> run smtpd for a very long time before ORBS until they finally found a way
> around it. Now we're using another tool).
> We submit our mailservers to ORBS on a regular base for retesting and
> come out clean. And still we're hit and some of our dialup addresses
> are in the ORBS database. We have about 50 Class C networks, which
> sums up to > 12000 IP addresses. Do you want us to scan all of the
> addresses from the ORBS database to find out whether we're in there?
No. You just do not need SMTP server on 12000 IP addresses. If some adresses
assigned to your customers THEY should work with ORBS. Dialup users should use
your mail relay. No need to scan all 12000 IP addresses in ORBS
database - only few SMTP servers should be checked.
> Don't tell me, that we don't 'do enough'. We're putting a lot of work
> into our mailers, but there are limits.
> Personally I'm with George Bonser. The ORBS people and the people who
> support them are IMHO doing damage to the net because they haven't
> thought about all possible scenarios.
What about MAPS DUL ?
> [1] He calls himself "L." because he is a "Linux wizard"
> [2] My experiment should find out whether if he drops offline and
> somebody else without SMTP daemon / nobody dials up, the address
> would still get listed into ORBS. If yes, I'm willing to report the full
> dialup netblocks of AOL and T-Online into ORBS and see what happens when
> two >> $150 billion companies [3] start looking for the ORBS guys... [4]
> [3] AOL Time Warner and Deutsche Telekom
> [4] Nuking NZ I would presume.
Then try and see :-) Why you are just talking about that ?
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sun Jan 23 2000 - 21:00:15 EST