Danielle writes:
In effect, Above.net is (by filtering the ORBS probes) licensing every single IP in their /16 to spam via the sordid and detailed means that ORBS works to prevent. This is an incorrect assumption? Please educate me as to how this is the wrong way to view this.
There seems to be some sort of implicit assumption in this, and many other postings to NANOG, that if you disagree with ORBS you must be pro-spam, or at least tolerant or neglegent with respect to it. Dave Rand is the CTO of Abovenet. Dave helped found the RBL with Paul Vixie, and has been involved at least on and off with MAPS LLC [I hope this is an accurate one sentence historical summary... someone can correct this if it isn't...]. As far as I can tell, there is no backbone provider which actually responds better to spam problems in its network than Abovenet does. They have one of the best AUPs out there and enforce it very, very well. Various folks who are and/or have been involved with ORBS have had antagonistic relationships with quite a number of other spam fighters over the years. This has led to admitted incidents where non-open-relays were ORBS listed because they were run by people who were disagreeing with ORBS in public. Although any sort of generalization has its flaws, the RBL-centric anti-spam crowd on the spam@zorch list generally believes that ORBS and its approach of netblock scanning and test messages are net abuse, beyond appropriate responses to spam, and that ORBS is run by people who put personal conflicts at the same level as actual spam problems. Part of this obviously is just personality and politics. At the technical and operational level, though, this has significant impacts: a wide number of people who are undoubtedly actively anti-spam believe ORBS scanning constitutes net abuse, and believe that ORBS listing of persons who merely have personal conflicts with ORBS operators is inappropriate for a resource being used by such a large portion of the net. This is more or less the whole reason why RBL/MAPS started the RSS; the RSS is, arguably, what ORBS should have been all along: it doesn't scan for open relays unless a valid report is in hand that the relay is being abused. It uses RBL's professionalism and documented policies so that it has publically known and trusted behaviour rather than arbitrary and personal. For all of those reasons, it is quite possible to be actively and responsibly anti-spam but very much opposed to the methods of ORBS. I personally believe that ORBS has consistently taken actions which are in the long run going to have negative consequences on the efforts to combat spam, such as the personal attack listings and such, and its antagonizing any number of networks by refusing to stop scanning them. I urge anyone who is using ORBS to consider these issues, research the RBL/MAPS approach (http://maps.vix.com/) and reconsider whether ORBS is, in the long run, the approach to spam blocking which is best for you and for your networks. The ORBS approach is not the only viable one, and not the only valid one, and while it does work the negative consequences of its approach should not be ignored. Please note that I am not speaking for MAPS, the RBL, or anyone else in this matter other than myself (I have done some minor stuff for the RBL before but am not actively involved now), though I believe that the consensus opinions from the spam@zorch crowd that I have paraphrased above accurately represent that mailing list / group of people's opinions on the subject. I also would like to note yet again that I am not at this time and have not been for some years a CRL employee, just a shell account end user, and my opinions on this matter should not be associated with CRL in any way. -george william herbert gherbert@crl.com