Dean, perhaps I am not fully understanding your logic behind not closing your relays. I have been a systems administrator for 4 years and I have not ever found an application where I needed to leave my SMTP relays open to the world. I do not doubt that you have legitimate business purposes in mind when opening your relay, but at some point you must decide that legal action will be too slow to fix anything and that it might be a good time to close your relays to aleviate other problems. Simply saying "I shouldn't need locks on my doors because everyone should be honest and never come into my house without my permission," dosen't cut it in this world, and I am quite sure that you have locks on every portal to your house, so why should your SMTP server be any different? Taking such a stance and refusing to close your relays is simply a foolish decision. Closing mail relays isn't very hard, and qmail and sendmail (and probably the handfull of NT mailers) both have ways of implementing a POP3-before-SMTP system so you can "allow" relaying from anywhere on the planet without having to worry about abusers (as long as the abusers don't have the login information for a POP box). I suggest that you investigate implementing POP-before-SMTP if you wish to leave your relays open to everyone, as well as setting up RBL support on your server, in the end it helps everyone by stopping one more potential spam outlet. -Robert Gash PS- and don't think that just having "private" IPs that are publically accessible to the net will stop anything. I use a cablemodem at home and we have co-located equipment where I work, and it is constantly being scanned for open vulnerabilities (including open SMTP relays, so you can rest assured that someone will find you out sooner or later). On Mon, 22 Nov 1999, Dean Anderson wrote:
These are coming from Mass, Cleveland, Ohio, and Virginia.
We use our relays for legitimate business purposes. They are not "accidentally left open". We are not going to close them. We are going to pursue abusers civilly and criminally. The FBI assures me that it does not matter criminally that access comes from international sources.
Much of the activity appears to be comming from alleged ANTI-SPAMMERs such as Chris Neill, and Alan Brown and Ron Guillemette who have been inciting attacks against us, posting to alt.2600 and advertising our service. Inciting criminal acts is a criminal act too, I'm pretty sure. We make sure to mention them prominently.
--Dean
Around 11:18 PM 11/21/1999 -0500, rumor has it that Kai Schlichting said:
At 09:16 PM 11/21/99 -0500, Dean Anderson wrote:
Can someone send me a list of *all* AOL netblocks? ARIN's whois only gives back a handful.
I want to block _all_ AOL netblocks, but its tough to find out what they are.
Thanks to a few malicious, radical antispammers (Chris Neill, Alan Brown, etc) we are getting hit with a large number of criminal mail relays. Mostly coming from AOL addresses. We have about a half dozen individual criminal complaints underway.
Don't kid us, Dan. Close your fucking relays (not that any of them talk to my hosts anyhow). If this has to be drummed into your bonehead again: THEY WILL FIND YOUR RELAYS ON THEIR OWN, AND THEY WILL ABUSE THEM, NO MATTER HOW LOUD YOU SCREAM. THEY SIT IN CHINA, PAKISTAN AND KOREA, AND THERE IS NOTHING YOU CAN DO ABOUT THEM SHORT OF CALLING THE WHITEHOUSE AND GETTING THESE PLACES INVADED. Alternatively, you could come to your senses and shut the literal front door of your house now that you've finally noticed the first unsavory characters passing by. A couple years after the rest of us, no doubt.
And they won't need ORBS or any other service to locate you, either. Stop complaining. No more secrets (now that's from Scott Yelich's tagline).
bye,Kai
-- kai@conti.nu "Just say No" to Spam Kai Schlichting Palo Alto, New York, You name it Sophisticated Technical Peon Kai's SpamShield <tm> is FREE! http://SpamShield.Conti.nu | | LeasedLines-FrameRelay-IPLs-ISDN-PPP-Cisco-Consulting-VoiceFax-Data-Muxes WorldWideWebAnything-Intranets-NetAdmin-UnixAdmin-Security-ReallyHardMath
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Plain Aviation, Inc dean@av8.com LAN/WAN/UNIX/NT/TCPIP http://www.av8.com ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++