[ On Sunday, July 9, 2000 at 20:51:23 (-0400), Shawn McMahon wrote: ]
Subject: Re: RBL-type BGP service for known rogue networks?
Unfortunately, it allows for contradictions in this discussion.
No, it doesn't, at least not so long as everyone understands the differences in different policy requirements. I happen to have several separate and distinct policy requirements for my SMTP server(s): - don't ever accept e-mail from any known open relay or any network block which has known open relays but won't allow finer testing. - don't ever accept e-mail from any known dial-up address. - don't ever accept e-mail from any known spammer. - don't ever allow a remote SMTP server to forge its hostname. - don't ever allow the sender address domain to be invalid.
At least one pro-ORBS person has stated that individuals should make direct SMTP connections instead of using their provider's server, and they could thus avoid being subject to ORBS testing of their provider.
Oh, but sorry; if I do that, I can't send Greg A. Woods email, because his system doesn't recognize the value in my system having the name "oa.eiv.com" all the time, instead of me hacking together sed scripts to change my sendmail config to read something like "user1432.fl.sprint-hsd.net" every time I get a new dynamic IP.
You've confused my policy requirements. Please see above.
If I switch to using my provider's SMTP server, now I have a security issue because it's going through a server I don't control and which could conceivably screw up and get itself ORBS-listed at any moment, completely outside my control.
Use PGP and encrypt your e-mail if you want security and control. Either that or buy yourself a real Internet connection with a static address and run your own *real* SMTP server. -- Greg A. Woods +1 416 218-0098 VE3TCP <gwoods@acm.org> <robohack!woods> Planix, Inc. <woods@planix.com>; Secrets of the Weird <woods@weird.com>