On Wed, 9 Aug 2000, Greg A. Woods wrote:
[ On Wednesday, August 9, 2000 at 11:08:02 (-0400), David Charlap wrote: ]
Subject: Re: surge in spam email (fwd)
Just keep in mind that your use of ORBS may result in blocking a large amount of legitimate traffic as well as spam.
It's impossible to tell the difference between "legitimate" traffic and unwanted traffic arriving from any mailer that's susceptible to theft of service attacks, and if you want to block lots of spam then you have to block all mail from such mailers. This is also the quickest and most effective way to really get the attention of the admins who control such mailers too, and in doing so put some pressure on them to fix their configurations!
An example of legitimate traffic is an email sent from me to a friend at a different provider. I am unable to send this "legitimate" email to friends at other providers because my mail server has been listed in ORBS "manual" entry database since the begining of the year.. The reason: "DoS attack threats". ORBS failed to mention in their manual entry list that our mail server has never had open relays. We do not block the ORBS testers, and according to ORBS own records, our mail server is secured, properly configured, and does not accept any relay mail -and never has-. ORBS has listed our mail server because some jackass not associated with our company made a DoS attack threat to -obviously- the wrong person. Every attempt to contact ORBS to find out who this person was, what their IP address was, what they said, or any request for any information has gone unanswered and ignored. If you choose to use ORBS, you -will- block "legitimate" traffic, such as this email, from reaching their intended destinations. ORBS is a personal vendetta list (my $0.02 worth). If anyone can give reason for my mail server being on the ORBS list, I would be glad to entertain their findings. Thanks, Brad Baker Director: Network Operations Americanisp brad@americanisp.net 303-984-5700 x12
Greg A. Woods