On Thu, 24 May 2001, Dave Rand wrote:
The MAPS RSS(sm) is a list of open relays *which have been abused*. These are sites which have been reported to MAPS as open relays, and have spam samples. Once the spam has been verified, a test is performed to verify that the site is, indeed, an open relay. If a sample message is accepted, and then returned by the site as a relay, the host is listed. Removal from the RSS requires that the host no longer relays. Automated probes are never done - a human must request the test, and spam must be available. Because of the very large number of hosts listed (around 100,000 as I write this), it's generally used in DNS mode only. It's pretty easy to get a host which is an open relay that has transmitted spam onto the list. Between 100 and 1,500 hosts per day are added, and hundreds per day are taken off (as soon as they let MAPS know that the relay has been closed).
Very interesting statistics. It gives you a clear picture of the magnitude of the squeeze. Now I understand why such heavy hammer was needed at the helm full-time. Supposing that 100,000 server owners plus those forcibly 're-educated' get together and do something about it, like scream, or jump of a 12 inch stool, or donate $10 each, would they be able to shake Dave off his high horse? How about if they also rally their users that were suddenly cut off? The collateral damage in blocking 100,000 hosts is simply unacceptable. Especially because there are only a few hundred die-hard professional spammers that need to be rooted out, and the problem diminishes, or at least becomes manageable in another way. As an ISP, I have yet to see a list of black sheep compiled consisting of individuals, spam companies, or credit cards used to defraud that should not be subscribed. Banks share such information, why can't ISPs? No matter how noble the cause, the methods are wrong. In all the debate, it was perhaps lost that no viable technological solution to roaming, meaning one that is happily accepted by the end user, exists yet. And please don't mention SMTP Auth, it's not perfected yet. --Mitch NetSide