[ On Friday, January 14, 2000 at 21:46:40 (-0500), Brian Dickson wrote: ]
Subject: Re: Fw: Administrivia: ORBS
I think the issue most people aren't certain of, is when is it reasonable to test a machine, in the manner ORBS does?
I've never actually proposed pre-emptive scanning in forum as big as this before! Thanks Brian! :-) What I mean is that the last time I proposed this idea (or at least one almost the same) in a much smaller mailing list there were nearly lynch mobs coming down the wires! :-) It would still be interesting to try and estimate how much extra bandwidth and system resources a site like AOL would require to implement this, even against just the ~150k mailers listed in ORBS....
(What would have been really sweet, is if there were separate ports for local deliver (MDA) and transport (MTA). Then, machines with MDA, but no MTA, would never forward mail; they could locally initiate mail, and receive mail for delivery, without being any kind of relay (open or closed). This would reduce the set of hosts needing to be tested, to those with MTA ports accepting connections. It would also mean the default config for any such machine would normally be MDA and no MTA; only MX and Relay machines would have MTA turned on.)
These days I've been unable to find any justifiable need for an unprotected relay of any sort whatsoever. 99% of mailers should be the final delivery point (or at least the transfer point to some private network). The remaining few are ISPs who need to relay from their customers to the world, of course, but so long as they don't make the mistake of smarthosting for un-protected customer MTAs they can simply block relay by restricting it to their own netblocks. Even most MX targets are the final delivery point for the MXed domain. The real problem is that people are still installing mailers that do unprotected relaying by default.
5) Hosts listening to port 25.
[IMHO, Occams razor would have drawn blood already.]
Yup -- IMRSS isn't running any more.... It was a pretty interesting and revealing survey though. I hope someone can do it again too, without publishing the detailed results of course, just so we can measure our progress. -- Greg A. Woods +1 416 218-0098 VE3TCP <gwoods@acm.org> <robohack!woods> Planix, Inc. <woods@planix.com>; Secrets of the Weird <woods@weird.com>