-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of J.D. Falk
On 11/24/99, Dean Anderson <dean@av8.com> wrote:
We respond "Yes, we know. We operate them on purpose for business reasons". At times, I've explained these business reasons in detail. The technical conclusion is then that we have to operate relays.
That's YOUR conclusion, Dean. Others have pointed out methods you could use that don't require the relays to be open. You have chosen to ignore them.
I actually still have a mail-hub with open relay. It is strictly for customer use. However, our customers are from all over the place and therefore I can not restrict access by domain or IP. As has been pointed out before, SMTP AUTH is less than 3-weeks old, unless someone here is willing to go on-record as advocating running pre-beta code in a production environment (No? I didn't think so).
They say "Well, in that case we're going to start committing crimes against your service, posting to alt.2600, inciting attacks, and wasting your time, bandwidth, and computer resources until you agree to close them."
I think everybody on NANOG would agree that what you describe here is an inappropriate response. That does not, however, mean that leaving your relays open is okay.
Actually, I had to close down a business service because of this issue and it disrupted a number of other MHSC business initiatives. The main reason is that many of the planned services could not be delivered without some sort of relaying capability. Yes, SMTP AUTH would have done the job (see above about advocating the use of unstable code) but that wasn't, and still may not be, available. MHSC has no desire to become an access provider, we are a services provider, as is dean. This means that, in order to provide services to someone, with an IP address not in our domain, we HAVE to allow for open relays, or not provide the services. Since when did NANOG become a business censor?