jlewis@lewis.org wrote:
---------- Forwarded message ---------- Date: Sun, 16 Mar 2003 12:56:30 -0500 From: "W. Mark Herrick, Jr." <markh@va.rr.com> To: jlewis@lewis.org Subject: Re: Your NANOG post
That being said, we have, and will continue to have, a severe issue with so-called 'scanning services', that *proactively* scan IP addresses (e.g., DSBL), or services that accept requests from anywhere to perform 'on-demand' scans (e.g., hatcheck.org) without first requiring (and keeping on hand) proof (e.g., spam-in-hand) that the IP address is a source of spam, open to third party relay, or has an open proxy service.
In other words, it's okay for an ISP to scan systems so long as they receive a connection from the system without spam on hand. However, it is not okay for a 3rd party to do the same scan, despite the fact that using a 3rd party limits the number of scans performed by aggregating the results. Considering how much we complain about route aggregation, I'd think scan aggregation would have a higher interest. FireDaemon is becoming pretty popular after all. -- -Jack