As this topic has exploded and boiled up to some insane level, I feel I have to summarize a few things here, and point out some simple facts.

- Wietse Venema was friendly enough to email me on his own, pointing out that the timeout-waiting-for-SMTP-banner is indeed 300s, as stipulated by RFC 1123. My article indeed contained language saying that I have not researched this, but logically concluded that it's the operators' dirty hands that are fiddling with the knobs - the fact that Postfix is in the spotlight is probably BECAUSE it uses such small amounts of resources (ram*time product, cpu-time), which makes it popular with very large operators, who yet STILL can't resist making it try to use even less resources in an irresponsible manner. Thanks also go to John A. Martin, who was the first respondent who dumped the Postfix defaults via "postconf -d|grep 'smtp_.*time'" on me, also showing an SMTP EHLO timeout of 300s.

- Wietse Venema had some trouble with his posts to the lists getting silently discarded due to not being a member of the NANOG-Post list. Someone at Merit.Central please take note that silent discards rather than proper bounce-backs are not the preferred modus operandi for any mail system. Then again, what do I know about their list mailer :) No thanks to AOL for doing their part of silent discards of legitimate mailing list mail sent to their subscribers.

- freeloading users of MAPS RBL (direct DNS queries) vs. people pulling zones as confidential secondaries: this is purely a question of resources: how many DNS queries directed at MAPS consume the same amount of resources as a zone transfer at regular intervals? It's probably a well-known number to MAPS LLC, and highly dependent on the refresh times (10 minutes?) for the zones. And then there are the legal/confidentiality problems, at least with their specific way of running the service.
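The first point above boils down to an operator check: are the SMTP client timeouts on a Postfix box at or above the minimums RFC 1123 (section 5.3.2) prescribes? The script below is an added example, not code from the post or from the Postfix project. It reads `postconf`-style "parameter = value" lines, converts Postfix time units, and flags any timeout shorter than the RFC minimum. The mapping from Postfix parameter names to RFC 1123 clauses is my own assumption (`smtp_helo_timeout` for the 220 greeting/EHLO phase, and so on); the sample configuration lines are constructed, not taken from any real system.

```shell
#!/bin/sh
# Added example (not from the original post): flag Postfix SMTP client
# timeouts that fall below the minimums in RFC 1123 section 5.3.2.

# rfc1123_min prints the RFC 1123 minimum (in seconds) for a Postfix
# timeout parameter, or nothing if the parameter is not covered by the RFC.
# The name-to-clause mapping is an assumption made for this example.
rfc1123_min() {
    case "$1" in
        smtp_helo_timeout)      echo 300 ;;  # wait for 220 greeting / EHLO reply: 5 min
        smtp_mail_timeout)      echo 300 ;;  # MAIL reply: 5 min
        smtp_rcpt_timeout)      echo 300 ;;  # RCPT reply: 5 min
        smtp_data_init_timeout) echo 120 ;;  # DATA initiation (354) reply: 2 min
        smtp_data_xfer_timeout) echo 180 ;;  # per data block: 3 min
        smtp_data_done_timeout) echo 600 ;;  # DATA termination reply: 10 min
        *) ;;                                # e.g. smtp_connect_timeout: TCP, not covered
    esac
}

# to_seconds converts a Postfix time value ("300s", "5m", "1h", "2d", "1w",
# or a bare number of seconds) to an integer number of seconds.
to_seconds() {
    num=$(printf '%s' "$1" | sed 's/[a-z]*$//')
    unit=$(printf '%s' "$1" | sed 's/^[0-9]*//')
    case "$unit" in
        ""|s) echo "$num" ;;
        m) echo $((num * 60)) ;;
        h) echo $((num * 3600)) ;;
        d) echo $((num * 86400)) ;;
        w) echo $((num * 604800)) ;;
        *) echo "unknown time unit in '$1'" >&2; return 1 ;;
    esac
}

# check_timeouts reads "parameter = value" lines on stdin, prints one line for
# every SMTP client timeout below its RFC 1123 minimum, and returns 1 if any
# were found (0 otherwise).
check_timeouts() {
    rc=0
    while IFS= read -r line; do
        case "$line" in
            smtp_*_timeout*=*) ;;
            *) continue ;;
        esac
        name=$(printf '%s' "$line" | sed 's/ *=.*//')
        value=$(printf '%s' "$line" | sed 's/.*= *//; s/ *$//')
        min=$(rfc1123_min "$name")
        [ -n "$min" ] || continue
        secs=$(to_seconds "$value") || continue
        if [ "$secs" -lt "$min" ]; then
            echo "$name = $value is below the RFC 1123 minimum of ${min}s"
            rc=1
        fi
    done
    return $rc
}

# Constructed sample in the format of "postconf" output (not real defaults):
# a banner/EHLO timeout cranked down to 30s, the others left at sane values.
SAMPLE_POSTCONF='smtp_connect_timeout = 30s
smtp_helo_timeout = 30s
smtp_mail_timeout = 5m
smtp_rcpt_timeout = 300s
smtp_data_init_timeout = 120s
smtp_data_xfer_timeout = 180s
smtp_data_done_timeout = 600s'

printf '%s\n' "$SAMPLE_POSTCONF" | check_timeouts || true
```

On a live system, `postconf | check_timeouts` checks the effective values (the post's `postconf -d` shows compiled-in defaults instead), and a nonzero exit status makes the check usable from a configuration audit script.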
- All the conspiracy theories aside: MAPS has provided a (largely) free service to the community for a number of years, something I wish to profoundly thank them for in this forum. You built, they came. As we all know from the dancing hamster website: sometimes popularity will kill you, because it starts to consume resources that you can no longer afford, not as an individual, not even as a group. Even if your group consists of relatively wealthy MFNX shareholders who had the good fortune of initiating structured long-term sell-offs before the dot-com bubble imploded :) (and I think that a certain NANOG poster has no idea about what is insider trading and what is not in this context) Speculation: ORBS going away has increased pressure on MAPS' resources quite a bit, probably at a time when funding for MAPS was already critical. Someone from MAPS LLC may want to comment on this idle speculation. Their pricing scheme is probably experimental: how do you price a service in a new market, covering your cost, and not horribly shooting over the mark or making terrible losses? Give these guys a break. I think we can only speculate on the cost of live bodies running the system vs. infrastructure cost - if the infrastructure cost is the lion's share, they'd probably happily run 20 secondaries to their zones (legal issues of non-disclosure of their db contents aside), and add however many are needed to keep cost to them at a minimum and the burden to secondary DNS server operators at a minimum.

- yesterday's event indeed points at an unintended MAPS failure - some people have speculated that them not answering non-paying networks' DNS queries resulted in an explosion of (then negatively cached) queries. Sometime during the day, all zones returned to being publicly queryable and available, and the behavior of their servers returned to normal - for the time being, so the waves will calm down, I am sure.
As I asked yesterday: how do you shred/drop traffic you are no longer willing to accept while continuing to provide the same service to a select group of (paying) subscribers? A tough cookie as far as DNS is concerned, as former ORBS DNS secondary provider Ronald F. Guilmette found out a while ago: the left-over DNS queries for the defunct ORBS zones started to kill his limited bandwidth, and he was the one starting to answer all ORBS zone queries positively, as a means to 'notify' operators by means of their mail systems starting to reject every single piece of mail they received. Identifying and contacting all querying operators (1000's) was likely beyond his means, rather than his abilities.

- notifying users of DNS RBL zones: certainly doable, judging from mail I received as a POC for a netblock, saying that my netblock contained Code Red-infested machine(s). That certainly required a significant effort, and 100,000 queries to whois.arin.net (explaining its, uhm, limited availability lately?). Free services are disappearing from the Internet every single day, and barely ever do you hear about them going away in advance. I am not sure if there is a MAPS/RBL-announce mailing list, but I am just as guilty as a lot of other people for not subscribing to it after starting to use their RBL zones.

- if you don't like MAPS LLC's idea of getting compensated for the resources they spend on running their RBL - go start your own. A few people have tried. A few people have realized the amount of resources required and backed out of it. A few will probably succeed until their resources are getting as drained as MAPS' when their services have grown in popularity. Or, someone do us all a big favor and invent a highly distributed, yet authenticated and trustworthy structure for large-scale distribution of information about sources of abuse, and be able to run it in a less centralized and US-lawyer-vulnerable fashion than, say, Napster or my.MP3.com.
We can certainly use some new ideas in this field, but that's for the SPAMTOOLS list.

bye,
Kai