On August 9, 2000 at 12:25 woods@weird.com (Greg A. Woods) wrote:
It's impossible to tell the difference between "legitimate" traffic and unwanted traffic arriving from any mailer that's susceptible to theft of service attacks, and if you want to block lots of spam then you have to block all mail from such mailers. This is also the quickest and most effective way to really get the attention of the admins who control such mailers too, and in doing so put some pressure on them to fix their configurations!
On the other hand they've been at this relay-blocking stuff for years and spam just goes up and up and the spam technology gets better and better. That's the problem, sounds good, no measurables. It all stands on a sales pitch, basically.
From here it looks like spammers are mining relays in the orient and other locales and able to come up with them by the hundreds and switch in seconds automatically if one is blocked.
Attached is a list of 60 different open relays one spammer used on us just yesterday (the number is number of spams sent before we blocked it.) I say the emperors (ORBS et al) have no clothes, and they're mostly not worth the effort and noise they cause in their campaign to harangue the (mostly) honest by shaking doors to make sure they're locked lest a crook get in. There are just way too many doors and these efforts are kinda like King Knute ordering the tide not to come in (enough metaphors yet?) We need laws, there are thus far no viable technical solutions to spam, and any claim otherwise is IMHO acting in the spammers' interests (since a legislator would love to punt on the belief that we just need to close a few more relays and the problem is solved.) Anyhow: Where are the measurables? 119 entoo.connect.com.au 112 mailsite.dmn.com.au 64 root@www.awf.poznan.pl 56 www.nehls.de 51 berbigao.ciberdados.pt 48 margaux.vital.co.uk 48 203.106.85.201 47 scutter.tele2.net.uk 38 host-195.certex.se 36 213.162.13.133 36 202.3.41.183 33 yarrina.connect.com.au 29 203.126.68.25 28 www.franchise.org.au 28 194.216.173.150 27 mail@203.31.165.4 27 203.116.209.155 24 mta2-rme.xtra.co.nz 24 202.138.13.204 23 www.ctonline.it 22 mta1-rme.xtra.co.nz 22 IDENT:root@tulip.swiftech.net.sg 20 wellington.csi.net.uk 19 asterix.rain.fr 18 twtpemr2.acer.com.tw 18 root@loxy.swiftech.net.sg 18 fwuser@c3n12p5.calypso.net 18 194.186.224.133 18 193.222.60.31 17 ubistb.ubi.pt 16 serv2.is1.u-net.net 16 mta3-rme.xtra.co.nz 16 acemail2.acenet.net.au 15 venus.i3-service.de 15 firewall-user@203.103.72.218 14 194.74.63.249 13 relay.iunet.it 12 mta4-rme.xtra.co.nz 11 aslmsin.com.sg 10 domino.sanitrans.org 6 beer.uven.ru 4 194.172.92.34 3 212.35.64.5 2 rubis.promo.oleane.com 2 mitra.conexis.es 2 203.39.3.182 1 zippy.ims.net 1 skate.cape.com 1 posets.cepymearagon.es 1 c3n12p5.calypso.net 1 aloha.webkahuna.com 1 212.34.192.20 1 212.15.64.10 1 210.63.96.18 1 203.62.199.3 1 203.123.5.231 1 195.141.231.195 -- -Barry Shein Software Tool & Die | bzs@world.std.com | http://www.TheWorld.com Purveyors to the Trade | Voice: 617-739-0202 | Login: 617-739-WRLD The World | Public Access Internet | Since 1989 *oo*