I'd just *LOVE* to hear how you intend to avoid the same problems that the crew from ORBS ran into with one large provider who decided to block their
From: Valdis.Kletnieks probes.
Failing to address that scenario will guarantee failure....
Run the probes from the DNS root servers. Problem solved. Go ahead and block them. haha. Seriously, I do understand that some networks would block the probes. This is to be expected. Many of these same networks block probes from current lists or issue "do not probe" statements. A network is more likely to concede to tests from a central authority that limits what is tested and how often if it means the reduction of scans from numerous sources for lists such as DSBL. The only way such a resource would work is if the largest networks back it. Blocking the scans at a TCP/IP level is easily detectable. Provider received email from said server, IP was submitted for testing, no connection can be established to said server. Place it in the "wouldn't allow scan list". Politely ask AOL to use the "wouldn't allow scan list" for all inbound smtp connections. People want the abuse of unsecured relays for smtp stopped. I'm afraid it is a choice of the lesser of two evils. The scans are going to happen no matter what. The question is, will administrators accept that a single run of a test suite on a server that has established connections to other servers is better than just having the entire 'net issuing their own scans? Am I wrong in assuming that a majority of networks use smtp and do not wish the abuse of their servers? -Jack