These are coming from Mass, Cleveland, Ohio, and Virginia.
We use our relays for legitimate business purposes. They are not "accidentally left open". We are not going to close them. We are going to pursue abusers civilly and criminally. The FBI assures me that it does not matter criminally that access comes from international sources.
Much of the activity appears to be coming from alleged ANTI-SPAMMERs such as Chris Neill, and Alan Brown and Ron Guillemette who have been inciting attacks against us, posting to alt.2600 and advertising our service. Inciting criminal acts is a criminal act too, I'm pretty sure. We make sure to mention them prominently.
--Dean
Around 11:18 PM 11/21/1999 -0500, rumor has it that Kai Schlichting said:
At 09:16 PM 11/21/99 -0500, Dean Anderson wrote:
Can someone send me a list of *all* AOL netblocks? ARIN's whois only gives back a handful.
I want to block _all_ AOL netblocks, but it's tough to find out what they are.
Thanks to a few malicious, radical antispammers (Chris Neill, Alan Brown, etc) we are getting hit with a large number of criminal mail relays. Mostly coming from AOL addresses. We have about a half dozen individual criminal complaints underway.
Don't kid us, Dan. Close your fucking relays (not that any of them talk to my hosts anyhow). If this has to be drummed into your bonehead again: THEY WILL FIND YOUR RELAYS ON THEIR OWN, AND THEY WILL ABUSE THEM, NO MATTER HOW LOUD YOU SCREAM. THEY SIT IN CHINA, PAKISTAN AND KOREA, AND THERE IS NOTHING YOU CAN DO ABOUT THEM SHORT OF CALLING THE WHITEHOUSE AND GETTING THESE PLACES INVADED. Alternatively, you could come to your senses and shut the literal front door of your house now that you've finally noticed the first unsavory characters passing by. A couple years after the rest of us, no doubt.
And they won't need ORBS or any other service to locate you, either. Stop complaining. No more secrets (now that's from Scott Yelich's tagline).
bye,Kai
-- kai@conti.nu "Just say No" to Spam Kai Schlichting Palo Alto, New York, You name it Sophisticated Technical Peon Kai's SpamShield <tm> is FREE! http://SpamShield.Conti.nu | | LeasedLines-FrameRelay-IPLs-ISDN-PPP-Cisco-Consulting-VoiceFax-Data-Muxes WorldWideWebAnything-Intranets-NetAdmin-UnixAdmin-Security-ReallyHardMath
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Plain Aviation, Inc dean@av8.com LAN/WAN/UNIX/NT/TCPIP http://www.av8.com ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Dean, you're wasting bandwidth on this list. If you are running open relays CLOSE THEM. And shut up. Ehud
Dean, perhaps I am not fully understanding your logic behind not closing your relays. I have been a systems administrator for 4 years and I have not ever found an application where I needed to leave my SMTP relays open to the world. I do not doubt that you have legitimate business purposes in mind when opening your relay, but at some point you must decide that legal action will be too slow to fix anything and that it might be a good time to close your relays to alleviate other problems. Simply saying "I shouldn't need locks on my doors because everyone should be honest and never come into my house without my permission," doesn't cut it in this world, and I am quite sure that you have locks on every portal to your house, so why should your SMTP server be any different? Taking such a stance and refusing to close your relays is simply a foolish decision.
Closing mail relays isn't very hard, and qmail and sendmail (and probably the handful of NT mailers) both have ways of implementing a POP3-before-SMTP system so you can "allow" relaying from anywhere on the planet without having to worry about abusers (as long as the abusers don't have the login information for a POP box). I suggest that you investigate implementing POP-before-SMTP if you wish to leave your relays open to everyone, as well as setting up RBL support on your server, in the end it helps everyone by stopping one more potential spam outlet.
-Robert Gash
PS- and don't think that just having "private" IPs that are publicly accessible to the net will stop anything. I use a cablemodem at home and we have co-located equipment where I work, and it is constantly being scanned for open vulnerabilities (including open SMTP relays, so you can rest assured that someone will find you out sooner or later).
On Mon, 22 Nov 1999, Dean Anderson wrote:
These are coming from Mass, Cleveland, Ohio, and Virginia.
We use our relays for legitimate business purposes. They are not "accidentally left open". We are not going to close them. We are going to pursue abusers civilly and criminally. The FBI assures me that it does not matter criminally that access comes from international sources.
Much of the activity appears to be coming from alleged ANTI-SPAMMERs such as Chris Neill, and Alan Brown and Ron Guillemette who have been inciting attacks against us, posting to alt.2600 and advertising our service. Inciting criminal acts is a criminal act too, I'm pretty sure. We make sure to mention them prominently.
--Dean
Around 11:18 PM 11/21/1999 -0500, rumor has it that Kai Schlichting said:
At 09:16 PM 11/21/99 -0500, Dean Anderson wrote:
Can someone send me a list of *all* AOL netblocks? ARIN's whois only gives back a handful.
I want to block _all_ AOL netblocks, but it's tough to find out what they are.
Thanks to a few malicious, radical antispammers (Chris Neill, Alan Brown, etc) we are getting hit with a large number of criminal mail relays. Mostly coming from AOL addresses. We have about a half dozen individual criminal complaints underway.
Don't kid us, Dan. Close your fucking relays (not that any of them talk to my hosts anyhow). If this has to be drummed into your bonehead again: THEY WILL FIND YOUR RELAYS ON THEIR OWN, AND THEY WILL ABUSE THEM, NO MATTER HOW LOUD YOU SCREAM. THEY SIT IN CHINA, PAKISTAN AND KOREA, AND THERE IS NOTHING YOU CAN DO ABOUT THEM SHORT OF CALLING THE WHITEHOUSE AND GETTING THESE PLACES INVADED. Alternatively, you could come to your senses and shut the literal front door of your house now that you've finally noticed the first unsavory characters passing by. A couple years after the rest of us, no doubt.
And they won't need ORBS or any other service to locate you, either. Stop complaining. No more secrets (now that's from Scott Yelich's tagline).
bye,Kai
-- kai@conti.nu "Just say No" to Spam Kai Schlichting Palo Alto, New York, You name it Sophisticated Technical Peon Kai's SpamShield <tm> is FREE! http://SpamShield.Conti.nu | | LeasedLines-FrameRelay-IPLs-ISDN-PPP-Cisco-Consulting-VoiceFax-Data-Muxes WorldWideWebAnything-Intranets-NetAdmin-UnixAdmin-Security-ReallyHardMath
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Plain Aviation, Inc dean@av8.com LAN/WAN/UNIX/NT/TCPIP http://www.av8.com ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
You have just explained why you are a SysAdmin and not a business operator. The issue is not that closing them is difficult. The issue is that it will ALSO close down a legitimate business.
-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of Robert Gash Sent: Monday, November 22, 1999 12:45 PM To: Dean Anderson Cc: nanog@merit.edu Subject: Re: ARIN whois
Dean, perhaps I am not fully understanding your logic behind not closing your relays. I have been a systems administrator for 4 years and I have not ever found an application where I needed to leave my SMTP relays open to the world. I do not doubt that you have legitimate business purposes in mind when opening your relay, but at some point you must decide that legal action will be too slow to fix anything and that it might be a good time to close your relays to alleviate other problems. Simply saying "I shouldn't need locks on my doors because everyone should be honest and never come into my house without my permission," doesn't cut it in this world, and I am quite sure that you have locks on every portal to your house, so why should your SMTP server be any different? Taking such a stance and refusing to close your relays is simply a foolish decision.
What "legitimate business purposes" necessitate leaving SMTP relays open to the world?
While I think spammers shouldn't be spamming, I think you'd find it better to do what you can to stop them from spamming via means you control, i.e. your servers, as opposed to going through the FBI. The FBI has recently stated that their computer crimes people are entirely overworked and way behind. So, while they will look into the matter, my previous experience with the FBI and computer crime shows a decided lack of interest in crimes that don't involve a high dollar figure for damages or stolen goods/services except for the purposes of profiling attacks and doing trend analysis. Unless you're looking at a six figure loss, you probably won't get far. Your best bet is to find a solution to restrict access to your relays.
-- Joseph W. Shaw - jshaw@insync.net
Free UNIX advocate - "I hack, therefore I am."
On Mon, 22 Nov 1999, Dean Anderson wrote:
These are coming from Mass, Cleveland, Ohio, and Virginia.
We use our relays for legitimate business purposes. They are not "accidentally left open".
--Dean
On Mon, 22 Nov 1999, Roeland M.J. Meyer wrote:
What "legitimate business purposes" necessitate leaving SMTP relays open to the world?
How about running a commercial email gateway?
Let's try another analogy set, ie You run a gas station.
open-relay: You give out free fuel to whoever turns up in a vehicle capable of accepting fuel from your bowser.
pop-before-smtp authentication: You require a valid corporate fleet card before handing out fuel.
full-anti-relay: You require payment before letting them near the bowser.
trusted-hosts or IP-based access lists: If their numberplate is in a certain range, give them free fuel.
How about commercial anonymous re-mailers?
Ah, this would be:
You give out free fuel on sighting, but not verifying, a corporate fleet card, and give them a new car.
--==-- Bruce.
Peregrinus expectavi pedes meos in cymbalis est.
Analogies never prove anything. Let's get our hands on the real thing instead. Show me another way to run a third-party e-mail gateway that doesn't require a smart relay somewhere. Oh yeah, do it with sendmail.
-----Original Message----- From: Bruce Campbell [mailto:bc@vicious.dropbear.id.au] Sent: Tuesday, November 23, 1999 1:18 AM To: Roeland M.J. Meyer Cc: nanog@merit.edu Subject: RE: ARIN whois
On Mon, 22 Nov 1999, Roeland M.J. Meyer wrote:
What "legitimate business purposes" necessitate leaving SMTP relays open to the world?
How about running a commercial email gateway?
Let's try another analogy set, ie You run a gas station.
open-relay: You give out free fuel to whoever turns up in a vehicle capable of accepting fuel from your bowser.
pop-before-smtp authentication: You require a valid corporate fleet card before handing out fuel.
full-anti-relay: You require payment before letting them near the bowser.
trusted-hosts or IP-based access lists: If their numberplate is in a certain range, give them free fuel.
How about commercial anonymous re-mailers?
Ah, this would be:
You give out free fuel on sighting, but not verifying, a corporate fleet card, and give them a new car.
--==-- Bruce.
Peregrinus expectavi pedes meos in cymbalis est.
On 11/23/99, "Roeland M.J. Meyer" <rmeyer@mhsc.com> wrote:
Analogies never prove anything. Let's get our hands on the real thing instead. Show me another way to run a third-party e-mail gateway that doesn't require a smart relay somewhere. Oh yeah, do it with sendmail.
Okay, let's take your non-standard TLD example. It'd be pretty easy to write a sendmail ruleset that would allow anybody anywhere to relay TO THOSE TLD's but not to any other mail server.
I'm sorry to come off so negative, Roeland, but I'm shocked by how little research you've done here. (If you were a little more polite about it I'd be tempted to write the ruleset for you right now.)
---------========== J.D. Falk <jdfalk@cybernothing.org> =========---------
| "Actually it's November 27. I'm terribly sorry. |
| I thought you were an asparagus." |
| - Opus the Penguin |
----========== http://www.cybernothing.org/jdfalk/home.html ==========----
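Added example, not part of any message in this thread and not a sendmail ruleset: a small Python model of the relay-authorization options argued over above (trusted networks, POP-before-SMTP, and relaying for anyone but only to named destination TLDs). The class and function names, the addresses, the local domain and the 30-minute window are assumptions chosen for illustration.

```python
"""Relay authorization model (added example; all configuration is constructed)."""
import ipaddress

LOCAL_DOMAINS = {"gateway.example"}                # assumed: domains we deliver locally
TRUSTED_NETS = [ipaddress.ip_network("192.0.2.0/24")]  # assumed customer netblock
GATEWAY_TLDS = {"web", "ftn", "vpn", "per"}        # the non-standard TLDs named in the thread
POP_WINDOW = 1800                                  # assumed: seconds a POP3 login stays valid


class RelayPolicy:
    def __init__(self, local_domains, trusted_nets, gateway_tlds, pop_window):
        self.local_domains = {d.lower() for d in local_domains}
        self.trusted_nets = list(trusted_nets)
        self.gateway_tlds = {t.lower() for t in gateway_tlds}
        self.pop_window = pop_window
        self._pop_seen = {}  # client IP -> time of last successful POP3 login

    def note_pop_login(self, client_ip, now):
        """Called by the POP3 server after a successful login from client_ip."""
        self._pop_seen[client_ip] = now

    def _pop_authorized(self, client_ip, now):
        seen = self._pop_seen.get(client_ip)
        if seen is None:
            return False
        if now - seen > self.pop_window:
            del self._pop_seen[client_ip]  # stale login: the IP may have changed hands
            return False
        return True

    @staticmethod
    def _split(rcpt):
        """Return (local_part, domain), or None if the address is unusable."""
        rcpt = rcpt.strip().strip("<>")
        local, sep, domain = rcpt.rpartition("@")
        domain = domain.rstrip(".").lower()
        if not sep or not local or not domain:
            return None
        return local, domain

    def decide(self, client_ip, rcpt, now):
        """Return (accept, reason) for one RCPT TO from client_ip at time now."""
        parts = self._split(rcpt)
        if parts is None:
            return (False, "501 bad recipient")
        local, domain = parts
        addr = ipaddress.ip_address(client_ip)

        # 1. IP-based access list: known customer networks may relay anywhere.
        if any(addr in net for net in self.trusted_nets):
            return (True, "trusted-net")
        # 2. POP-before-SMTP: a recent POP3 login from this IP opens relaying.
        if self._pop_authorized(client_ip, now):
            return (True, "pop-before-smtp")

        # Everyone below this line is an unauthenticated stranger.
        # Refuse routing characters in the local part (the '%' hack, bang
        # paths): an MTA that re-routes them would relay via the local rule.
        if any(c in local for c in "%!@"):
            return (False, "550 source-routed recipient refused")
        # 3. Mail addressed to us is ordinary delivery, not relaying.
        if domain in self.local_domains:
            return (True, "local-delivery")
        # 4. Destination-restricted relay: anyone may send TO the gateway TLDs.
        if domain.rpartition(".")[2] in self.gateway_tlds:
            return (True, "gateway-tld")
        return (False, "550 relaying denied")


if __name__ == "__main__":
    policy = RelayPolicy(LOCAL_DOMAINS, TRUSTED_NETS, GATEWAY_TLDS, POP_WINDOW)
    policy.note_pop_login("203.0.113.9", now=100)
    samples = [  # constructed (client IP, recipient, time) triples
        ("203.0.113.9", "someone@elsewhere.example", 200),
        ("203.0.113.9", "someone@elsewhere.example", 1901),
        ("198.51.100.7", "user@corp.vpn", 0),
        ("198.51.100.7", "victim%elsewhere.example@gateway.example", 0),
    ]
    for ip, rcpt, now in samples:
        print(ip, rcpt, policy.decide(ip, rcpt, now))
```
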
I think for the most part one essential element is missing here: the "CUSTOMER" is the recipient of the SPAM from an OPEN relay, and that is harassment. It becomes criminal when the SPAM provides you with incentive to pay money so that you can make $50,000.00 in 30 days, NOT. When the customer gets about 200 of these a month in his/her email, they are looking at the ISP for a solution. The customer does not want SPAM, period. The customer wants to reserve the right to do business with those businesses that are useful to their need. Not a Dentist in Bermuda or Florida, let alone get the best XXX from these skanks here type of drivel. As a customer (consumer) of internet services I want my rights back!
Bruce Campbell wrote:
On Mon, 22 Nov 1999, Roeland M.J. Meyer wrote:
What "legitimate business purposes" necessitate leaving SMTP relays open to the world?
How about running a commercial email gateway?
Let's try another analogy set, ie You run a gas station.
open-relay: You give out free fuel to whoever turns up in a vehicle capable of accepting fuel from your bowser.
pop-before-smtp authentication: You require a valid corporate fleet card before handing out fuel.
full-anti-relay: You require payment before letting them near the bowser.
trusted-hosts or IP-based access lists: If their numberplate is in a certain range, give them free fuel.
How about commercial anonymous re-mailers?
Ah, this would be:
You give out free fuel on sighting, but not verifying, a corporate fleet card, and give them a new car.
--==-- Bruce.
Peregrinus expectavi pedes meos in cymbalis est.
-- Thank you; |--------------------------------------------| | Thinking is a learned process so is UNIX | |--------------------------------------------| Henry R. Linneweh
At 11:23 PM 11/22/99 -0800, Roeland M.J. Meyer wrote:
What "legitimate business purposes" necessitate leaving SMTP relays open to the world?
How about running a commercial email gateway? How about commercial anonymous re-mailers?
Um, how about POP before SMTP? Seems like it would work just fine. John Fraizer EnterZone, Inc
Because we only allow certain users to have POP3 accounts.
-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of John Fraizer Sent: Wednesday, November 24, 1999 1:56 PM To: rmeyer@mhsc.com; 'Joe Shaw'; 'Dean Anderson' Cc: nanog@merit.edu Subject: RE: ARIN whois
At 11:23 PM 11/22/99 -0800, Roeland M.J. Meyer wrote:
What "legitimate business purposes" necessitate leaving SMTP relays open to the world?
How about running a commercial email gateway? How about commercial anonymous re-mailers?
Um, how about POP before SMTP? Seems like it would work just fine.
John Fraizer EnterZone, Inc
Please, please, please, would you take all this to email. I'm sure that almost everyone has already quit listening, and my filters are complicated enough (Dean was already there).
"Roeland M.J. Meyer" wrote:
Because we only allow certain users to have POP3 accounts.
At 11:23 PM 11/22/99 -0800, Roeland M.J. Meyer wrote:
What "legitimate business purposes" necessitate leaving SMTP relays open to the world?
How about running a commercial email gateway? How about commercial anonymous re-mailers?
Um, how about POP before SMTP? Seems like it would work just fine.
-- http://pgp.ai.mit.edu:11371/pks/lookup?op=get&search=0xFEF225AB http://pgp.ai.mit.edu:11371/pks/lookup?op=get&search=0x1A3510D1 ETAOIN SHRDLU CMFGYP WBVKXJ QZ
"Roeland M.J. Meyer" wrote:
What "legitimate business purposes" necessitate leaving SMTP relays open to the world?
How about running a commercial email gateway? How about commercial anonymous re-mailers?
How about commercial anonymous re-mailers? You can certainly operate one without running a relay. Have the people using the re-mailer send mail to a specific address. WRT commercial gateways, I'd argue that the specific use would determine whether or not an open relay would be of any benefit. I'd need details about a specific case before I'd argue that you're right or wrong.
Dean,
Have you considered that, while your stand may be legally correct, it is ethically questionable? By leaving your relays open, you invite abuse and facilitate the theft of other networks' resources. I can not imagine what legitimate purpose you might have for such a practice. Perhaps the most disturbing aspect of this is your steady beat on the drum of law and order, combined with your strange zeal to block out IP addresses from a large block of law abiding folks.
I can only wish you luck in your endeavour to have Federal law enforcement officials deliver warrant on international spammers. Clearly, those folks don't have enough to do, and need the extra work.
- Daniel Golding
On Mon, 22 Nov 1999, Dean Anderson wrote:
These are coming from Mass, Cleveland, Ohio, and Virginia.
We use our relays for legitimate business purposes. They are not "accidentally left open". We are not going to close them. We are going to pursue abusers civilly and criminally. The FBI assures me that it does not matter criminally that access comes from international sources.
Much of the activity appears to be coming from alleged ANTI-SPAMMERs such as Chris Neill, and Alan Brown and Ron Guillemette who have been inciting attacks against us, posting to alt.2600 and advertising our service. Inciting criminal acts is a criminal act too, I'm pretty sure. We make sure to mention them prominently.
--Dean
Around 11:18 PM 11/21/1999 -0500, rumor has it that Kai Schlichting said:
At 09:16 PM 11/21/99 -0500, Dean Anderson wrote:
Can someone send me a list of *all* AOL netblocks? ARIN's whois only gives back a handful.
I want to block _all_ AOL netblocks, but it's tough to find out what they are.
Thanks to a few malicious, radical antispammers (Chris Neill, Alan Brown, etc) we are getting hit with a large number of criminal mail relays. Mostly coming from AOL addresses. We have about a half dozen individual criminal complaints underway.
Don't kid us, Dan. Close your fucking relays (not that any of them talk to my hosts anyhow). If this has to be drummed into your bonehead again: THEY WILL FIND YOUR RELAYS ON THEIR OWN, AND THEY WILL ABUSE THEM, NO MATTER HOW LOUD YOU SCREAM. THEY SIT IN CHINA, PAKISTAN AND KOREA, AND THERE IS NOTHING YOU CAN DO ABOUT THEM SHORT OF CALLING THE WHITEHOUSE AND GETTING THESE PLACES INVADED. Alternatively, you could come to your senses and shut the literal front door of your house now that you've finally noticed the first unsavory characters passing by. A couple years after the rest of us, no doubt.
And they won't need ORBS or any other service to locate you, either. Stop complaining. No more secrets (now that's from Scott Yelich's tagline).
bye,Kai
-- kai@conti.nu "Just say No" to Spam Kai Schlichting Palo Alto, New York, You name it Sophisticated Technical Peon Kai's SpamShield <tm> is FREE! http://SpamShield.Conti.nu | | LeasedLines-FrameRelay-IPLs-ISDN-PPP-Cisco-Consulting-VoiceFax-Data-Muxes WorldWideWebAnything-Intranets-NetAdmin-UnixAdmin-Security-ReallyHardMath
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Plain Aviation, Inc dean@av8.com LAN/WAN/UNIX/NT/TCPIP http://www.av8.com ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
I'm really curious now: What, pray tell, are the "legitimate business purposes" that *necessitate* the use of open relays? I'm an ISP admin myself, and while it is certainly possible that I am missing something, the longer this thread goes on, the more I doubt it. Why don't you enlighten us and end this forever?
Also: "The FBI assures me that it does not matter criminally that access comes from international sources." Not criminally, maybe, to the extent that what they are doing is still criminal, but it makes a hell of a *practical* difference, as somebody else already pointed out.
- Steve
___________________________________________
#include <dispensa.mwis.net/std_disclaimer.h>
----- Original Message ----- From: Daniel Golding <dgolding@mindspring.net> To: Dean Anderson <dean@av8.com> Cc: Kai Schlichting <kai@pac-rim.net>; <nanog@merit.edu> Sent: Monday, November 22, 1999 10:38 PM Subject: Re: ARIN whois
Dean,
Have you considered that, while your stand may be legally correct, it is ethically questionable? By leaving your relays open, you invite abuse and facilitate the theft of other networks' resources. I can not imagine what legitimate purpose you might have for such a practice. Perhaps the most disturbing aspect of this is your steady beat on the drum of law and order, combined with your strange zeal to block out IP addresses from a large block of law abiding folks.
I can only wish you luck in your endeavour to have Federal law enforcement officials deliver warrant on international spammers. Clearly, those folks don't have enough to do, and need the extra work.
- Daniel Golding
A point that Dean makes here is pretty valid. Last year MHSC tried to run a third-party secure email service, using sendmail. The only way to do that is to allow relaying. The nimrods, that are about closing down all mail relays, absolutely ignore valid business uses for the relays. They don't understand that someone might want to use a different SMTP server, than the one their ISP uses, in order to send to someone in the WEB, FTN, VPN, or PER TLDs. That sort of gateway MUST allow relays in order to function. I know Ron Guillimette from my daze on the anti-spam lists. Not only is he rabid, but he lacks a lot of sense. He's an "ends justify means" type.
-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of Dean Anderson Sent: Monday, November 22, 1999 11:16 AM To: Kai Schlichting; nanog@merit.edu Subject: Re: ARIN whois
These are coming from Mass, Cleveland, Ohio, and Virginia.
We use our relays for legitimate business purposes. They are not "accidentally left open". We are not going to close them. We are going to pursue abusers civilly and criminally. The FBI assures me that it does not matter criminally that access comes from international sources.
Much of the activity appears to be coming from alleged ANTI-SPAMMERs such as Chris Neill, and Alan Brown and Ron Guillemette who have been inciting attacks against us, posting to alt.2600 and advertising our service. Inciting criminal acts is a criminal act too, I'm pretty sure. We make sure to mention them prominently.
--Dean
Around 11:18 PM 11/21/1999 -0500, rumor has it that Kai Schlichting said:
At 09:16 PM 11/21/99 -0500, Dean Anderson wrote:
Can someone send me a list of *all* AOL netblocks? ARIN's whois only gives back a handful.
I want to block _all_ AOL netblocks, but it's tough to find out what they are.
Thanks to a few malicious, radical antispammers (Chris Neill, Alan Brown, etc) we are getting hit with a large number of criminal mail relays. Mostly coming from AOL addresses. We have about a half dozen individual criminal complaints underway.
Don't kid us, Dan. Close your fucking relays (not that any of them talk to my hosts anyhow). If this has to be drummed into your bonehead again: THEY WILL FIND YOUR RELAYS ON THEIR OWN, AND THEY WILL ABUSE THEM, NO MATTER HOW LOUD YOU SCREAM. THEY SIT IN CHINA, PAKISTAN AND KOREA, AND THERE IS NOTHING YOU CAN DO ABOUT THEM SHORT OF CALLING THE WHITEHOUSE AND GETTING THESE PLACES INVADED. Alternatively, you could come to your senses and shut the literal front door of your house now that you've finally noticed the first unsavory characters passing by. A couple years after the rest of us, no doubt.
And they won't need ORBS or any other service to locate you, either. Stop complaining. No more secrets (now that's from Scott Yelich's tagline).
bye,Kai
-- kai@conti.nu "Just say No" to Spam Kai Schlichting Palo Alto, New York, You name it Sophisticated Technical Peon Kai's SpamShield <tm> is FREE! http://SpamShield.Conti.nu | | LeasedLines-FrameRelay-IPLs-ISDN-PPP-Cisco-Consulting-VoiceFax-Data-Muxes WorldWideWebAnything-Intranets-NetAdmin-UnixAdmin-Security-ReallyHardMath
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Plain Aviation, Inc dean@av8.com LAN/WAN/UNIX/NT/TCPIP http://www.av8.com ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
A point that Dean makes here is pretty valid.
No, he doesn't, and attempting to legitimize it only does a disservice to anyone with a clue. NOTE: Do NOT EVER run an open relay on the Internet
Last year MHSC tried to run a third-party secure email service, using sendmail. The only way to do that is to allow relaying.
Ah, so you're one of those people who run open relays. Sorry; time to get a job where you're not about loosing filth on the net.
The nimrods, that are about closing down all mail relays,
Nimrod? *laugh* "That word, I do not think it means what you think it means." http://www.m-w.com. quote - tpb
That sort of gateway MUST allow relays in order to function.
Well, I'm afraid to get on my soapbox about clueless people who get promoted to sysadmin positions. Unfortunately staying silent and letting "nimrods" (means "mighty hunter") like you do damage by mis-informing real sysadmins about open relays is bad. Open relays unacceptable, and technically unnecessary. Closed relays fine. Learn to use filters, my dictionary-challenged friend.
I know Ron Guillimette from my daze on the anti-spam lists. Not only is he rabid, but he lacks a lot of sense. He's an "ends justify means" type.
Um. Dude. That's entirely what your comment on open relays is. If the ends don't justify the means, then your bad business sense and poor technical skills DON'T justify open relays.
Cheers, Ehud
p.s. Don't send me any more private mail telling me how bright dean is.
-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of Dean Anderson Sent: Monday, November 22, 1999 11:16 AM To: Kai Schlichting; nanog@merit.edu Subject: Re: ARIN whois
These are coming from Mass, Cleveland, Ohio, and Virginia.
We use our relays for legitimate business purposes. They are not "accidentally left open". We are not going to close them. We are going to pursue abusers civilly and criminally. The FBI assures me that it does not matter criminally that access comes from international sources.
Much of the activity appears to be comming from alleged ANTI-SPAMMERs such as Chris Neill, and Alan Brown and Ron Guillemette who have been inciting attacks against us, posting to alt.2600 and advertising our service. Inciting criminal acts is a criminal act too, I'm pretty sure. We make sure to mention them prominently.
--Dean
Around 11:18 PM 11/21/1999 -0500, rumor has it that Kai Schlichting said:
At 09:16 PM 11/21/99 -0500, Dean Anderson wrote:
Can someone send me a list of *all* AOL netblocks? ARIN's whois only gives back a handful.
I want to block _all_ AOL netblocks, but it's tough to find out what they are.
Thanks to a few malicious, radical antispammers (Chris Neill, Alan Brown, etc) we are getting hit with a large number of criminal mail relays. Mostly coming from AOL addresses. We have about a half dozen individual criminal complaints underway.
Don't kid us, Dan. Close your fucking relays (not that any of them talk to my hosts anyhow). If this has to be drummed into your bonehead again: THEY WILL FIND YOUR RELAYS ON THEIR OWN, AND THEY WILL ABUSE THEM, NO MATTER HOW LOUD YOU SCREAM. THEY SIT IN CHINA, PAKISTAN AND KOREA, AND THERE IS NOTHING YOU CAN DO ABOUT THEM SHORT OF CALLING THE WHITEHOUSE AND GETTING THESE PLACES INVADED. Alternatively, you could come to your senses and shut the literal front door of your house now that you've finally noticed the first unsavory characters passing by. A couple years after the rest of us, no doubt.
And they won't need ORBS or any other service to locate you, either. Stop complaining. No more secrets (now that's from Scott Yelich's tagline).
bye,Kai
-- kai@conti.nu "Just say No" to Spam Kai Schlichting Palo Alto, New York, You name it Sophisticated Technical Peon Kai's SpamShield <tm> is FREE! http://SpamShield.Conti.nu | | LeasedLines-FrameRelay-IPLs-ISDN-PPP-Cisco-Consulting-VoiceFax-Data-Muxes WorldWideWebAnything-Intranets-NetAdmin-UnixAdmin-Security-ReallyHardMath
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Plain Aviation, Inc dean@av8.com LAN/WAN/UNIX/NT/TCPIP http://www.av8.com ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
On Mon, 22 Nov 1999, Roeland M.J. Meyer wrote:
A point that Dean makes here is pretty valid. Last year MHSC tried to run a third-party secure email service, using sendmail. The only way to do that is to allow relaying. The nimrods, that are about closing down all mail relays, absolutely ignore valid business uses for the relays. They don't understand that someone might want to use a different SMTP server, than the one their ISP uses, in order to send to someone in the WEB, FTN, VPN, or PER TLDs. That sort of gateway MUST allow relays in order to function.
The key problem we've run into is that while customers may have a domain hosted with us, they're dialling up to a third party ISP. Normally we'd tell them 'set your email program up to send mail as you@your.domain', but some ISPs (most notably the free ones) seem to only permit mail to go out through their relays if the mail comes from username@their.isp. Of course, we simply tell them to sign up to an ISP that doesn't restrict them in every possible way, but there are a few who are rather anti-this (most notably those on AOL). I'd love to be able to run open relays for these users, to let them send mail out with their own domain on the From: header. The net's not the same place it was even 5 years ago, though, and we just can't leave ourselves vulnerable like that. Ain't progress marvellous? -- Patrick Evans - Sysadmin, bran addict and couch potato pre at pre dot org www.pre.org/pre
This is exactly the issue and the rabid anti-spammers ignore the fact that most smaller IAPs do NOT run a good mail service and many don't want to. They are denying legitimate service, to legitimate users, whilst attacking a legitimate business, because they don't want to understand anything outside of their little parochial world. Some call that ignorance. BTW, I nuke spammers on sight. The real answer is putting an authentication layer into SMTP.
Behalf Of Patrick Evans Sent: Tuesday, November 23, 1999 3:58 AM To: Roeland M.J. Meyer Cc: nanog@merit.edu Subject: RE: ARIN whois
On Mon, 22 Nov 1999, Roeland M.J. Meyer wrote:
absolutely ignore valid business uses for the relays. They don't understand that someone might want to use a different SMTP server, than the one their ISP uses, in order to send to someone in the WEB, FTN, VPN, or PER TLDs. That sort of gateway MUST allow relays in order to function.
The key problem we've run into is that while customers may have a domain hosted with us, they're dialling up to a third party ISP. Normally we'd tell them 'set your email program up to send mail as you@your.domain', but some ISPs (most notably the free ones) seem to only permit mail to go out through their relays if the mail comes from username@their.isp.
Of course, we simply tell them to sign up to an ISP that doesn't restrict them in every possible way, but there are a few who are rather anti-this (most notably those on AOL).
I'd love to be able to run open relays for these users, to let them send mail out with their own domain on the From: header. The net's not the same place it was even 5 years ago, though, and we just can't leave ourselves vulnerable like that.
Ain't progress marvellous?
On 11/23/99, "Roeland M.J. Meyer" <rmeyer@mhsc.com> wrote:
The real answer is putting an authentication layer into SMTP.
Already done. Sendmail supports it. Where've you been? ---------========== J.D. Falk <jdfalk@cybernothing.org> =========--------- | "Beyond your tunnel vision reality fades | | Like shadows into the night." -Pink Floyd | ----========== http://www.cybernothing.org/jdfalk/home.html ==========----
At 09:46 AM 11/23/99 -0800, J.D. Falk wrote:
The real answer is putting an authentication layer into SMTP.
Already done. Sendmail supports it. Where've you been?
Well, to be fair, sendmail has only supported it in a public release for 2-3 weeks. :) Sure, it's been in the beta code for a while (and 8.10 is still in beta), but sendmail supporting it is a new (albeit welcome) change. There are other MTA's that Dean could long ago have installed that implemented SMTP-AUTH before sendmail got around to it, though, so his argument is still pretty moot. D
On 11/23/99, "Derek J. Balling" <dredd@megacity.org> wrote:
At 09:46 AM 11/23/99 -0800, J.D. Falk wrote:
The real answer is putting an authentication layer into SMTP.
Already done. Sendmail supports it. Where've you been?
Well, to be fair, sendmail has only supported it in a public release for 2-3 weeks. :)
True, but POP-before-SMTP and such have been around for much longer -- and, while I personally think they're pretty awful kludges in most cases, it WORKS.
There are other MTA's that Dean could long ago have installed that implemented SMTP-AUTH before sendmail got around to it, though, so his argument is still pretty moot.
I think the root of his argument is that he doesn't want to feel as if somebody else is pressuring him to do something he would be too lazy to do otherwise. And, if his laziness did not affect anybody else, I'd support him in that. ---------========== J.D. Falk <jdfalk@cybernothing.org> =========--------- | "A straight line may be the shortest distance between two points... | | but it is by no means the most interesting." | | -- Jon Pertwee as Doctor Who in "Doctor Who and | | the Time Warrior" by Robert Holmes (BBC, 1974) | ----========== http://www.cybernothing.org/jdfalk/home.html ==========----
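The closed-relay policy the posters above are pointing at, written out as an added example (not code from any message in the thread, and not sendmail's implementation): mail for outside domains is relayed only for an SMTP AUTH session, the operator's own network, or an address with a recent POP login. The domain, netblock, window length and all names are constructed for illustration.

```python
import ipaddress
import time

# Constructed sample values; a real MTA reads these from its configuration.
LOCAL_DOMAINS = {"example.net"}                          # domains we deliver for
TRUSTED_NETS = [ipaddress.ip_network("192.0.2.0/24")]    # our own dial-up pool
POP_WINDOW = 30 * 60   # seconds a POP login keeps an address authorised (assumed)


class RelayPolicy:
    """Decide, per RCPT TO, whether a session may hand us this recipient."""

    def __init__(self):
        self.pop_logins = {}   # client IP -> time of last successful POP login

    def record_pop_login(self, client_ip, now=None):
        # Called by the POP server after a successful login (POP-before-SMTP).
        self.pop_logins[client_ip] = time.time() if now is None else now

    def decide(self, client_ip, rcpt, auth_user=None, now=None):
        now = time.time() if now is None else now
        domain = rcpt.rpartition("@")[2].lower()

        # Mail addressed to our own users is delivery, not relaying.
        if domain in LOCAL_DOMAINS:
            return "accept: local delivery"

        # Roaming customer on a third-party ISP who logged in with SMTP AUTH.
        if auth_user:
            return "relay: SMTP AUTH"

        # Customer connected from our own address space.
        addr = ipaddress.ip_address(client_ip)
        if any(addr in net for net in TRUSTED_NETS):
            return "relay: trusted network"

        # Same address checked its mailbox recently; entry expires after the window.
        seen = self.pop_logins.get(client_ip)
        if seen is not None and 0 <= now - seen <= POP_WINDOW:
            return "relay: POP-before-SMTP"

        # Unknown sender, foreign recipient: this is the open-relay case.
        return "reject: relaying denied"
```

The POP-before-SMTP branch authorises an IP address rather than a person, so anyone sharing that address during the window is also allowed through.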
I have no idea what all this drivel has to do with ARIN whois, but there is no such thing as "WEB, FTN, VPN, or PER TLDs." And we have not yet heard of a "valid business reason". Proof by assertion is not sufficient.
"Roeland M.J. Meyer" wrote:
A point that Dean makes here is pretty valid. Last year MHSC tried to run a third-party secure email service, using sendmail. The only way to do that is to allow relaying. The nimrods, that are about closing down all mail relays, absolutely ignore valid business uses for the relays. They don't understand that someone might want to use a different SMTP server, than the one their ISP uses, in order to send to someone in the WEB, FTN, VPN, or PER TLDs. That sort of gateway MUST allow relays in order to function.
WSimpson@UMich.edu Key fingerprint = 17 40 5E 67 15 6F 31 26 DD 0D B9 9B 6A 15 2C 32
Yet another example of narrow-mindedness. All of those TLDs exist, unless you like denying reality. Just because *you* can't get to them doesn't mean that others can't. This is the very reason that smart-relay exists, as a feature in sendmail.
WEB is operated by IO Design
FTN is FidoNet Technology Network aka FidoNet, SurvNet, EggNet, etc.
VPN is operated by MHSC.NET
PER is operated by Iperdome.
While we're at it, there is BOX, which is operated by DSO.NET
I'll even let you use NS2.MHSC.NET to get to them, for free. see <http://www.dnso.net>
BTW, who died and left you God of Business plans?
-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of William Allen Simpson Sent: Tuesday, November 23, 1999 6:34 AM To: nanog@merit.edu Subject: Re: ARIN whois
I have no idea what all this drivel has to do with ARIN whois, but there is no such thing as "WEB, FTN, VPN, or PER TLDs."
And we have not yet heard of a "valid business reason". Proof by assertion is not sufficient.
"Roeland M.J. Meyer" wrote:
A point that Dean makes here is pretty valid. Last year MHSC tried to run a third-party secure email service, using sendmail. The only way to do that is to allow relaying. The nimrods, that are about closing down all mail relays, absolutely ignore valid business uses for the relays. They don't understand that someone might want to use a different SMTP server, than the one their ISP uses, in order to send to someone in the WEB, FTN, VPN, or PER TLDs. That sort of gateway MUST allow relays in order to function.
WSimpson@UMich.edu Key fingerprint = 17 40 5E 67 15 6F 31 26 DD 0D B9 9B 6A 15 2C 32
If you protect yourself from open relays too hard, you really protect yourself from the useful mail. It's reality. The best way to stop the SPAM is to turn your computer off. There are many reasons why someone holds an open relay; while this relay doesn't send you spam, it's not your business... many providers simply filter open relay detectors out (such as ODBS), moreover, an attempt to use these _crazy_ (active) lists results in the loss of e-mail and can't be used by serious companies.
Sent: Tuesday, November 23, 1999 6:34 AM To: nanog@merit.edu Subject: Re: ARIN whois
I have no idea what all this drivel has to do with ARIN whois, but there is no such thing as "WEB, FTN, VPN, or PER TLDs."
And we have not yet heard of a "valid business reason". Proof by assertion is not sufficient.
"Roeland M.J. Meyer" wrote:
A point that Dean makes here is pretty valid. Last year MHSC tried to run a third-party secure email service, using sendmail. The only way to do that is to allow relaying. The nimrods, that are about closing down all mail relays, absolutely ignore valid business uses for the relays. They don't understand that someone might want to use a different SMTP server, than the one their ISP uses, in order to send to someone in the WEB, FTN, VPN, or PER TLDs. That sort of gateway MUST allow relays in order to function.
WSimpson@UMich.edu Key fingerprint = 17 40 5E 67 15 6F 31 26 DD 0D B9 9B 6A 15 2C 32
Aleksei Roudnev, (+1 415) 585-3489 /San Francisco CA/
On 11/22/99, "Roeland M.J. Meyer" <rmeyer@mhsc.com> wrote:
A point that Dean makes here is pretty valid. Last year MHSC tried to run a third-party secure email service, using sendmail. The only way to do that is to allow relaying. The nimrods, that are about closing down all mail relays, absolutely ignore valid business uses for the relays. They don't understand that someone might want to use a different SMTP server, than the one their ISP uses, in order to send to someone in the WEB, FTN, VPN, or PER TLDs. That sort of gateway MUST allow relays in order to function.
A couple years ago I might have agreed with you. Right now, today, November 23 in the year of somebody's lord 1999, there is no excuse for leaving your relays open to the world. We have the technology to authenticate. Use it.
I know Ron Guillimette from my daze on the anti-spam lists. Not only is he rabid, but he lacks a lot of sense. He's an "ends justify means" type.
Ron does not represent the whole of the anti-spam community, or even just the folks who want open relays closed so that spammers stop getting a free ride. He's on his own trip. ---------========== J.D. Falk <jdfalk@cybernothing.org> =========--------- | "Welcome to my nightmare | | Its the one in which I always press the button." | | -Roy Harper | ----========== http://www.cybernothing.org/jdfalk/home.html ==========----
Proof? (If this appears in HTML instead of plain text, please let me know so I can fix) Dean Anderson wrote:
Much of the activity appears to be coming from alleged ANTI-SPAMMERs such as Chris Neill, and Alan Brown and Ron Guillemette who have been inciting attacks against us, posting to alt.2600 and advertising our service. Inciting criminal acts is a criminal act too, I'm pretty sure. We make sure to mention them prominently.
participants (17)
- Alex P. Rudnev
- Bruce Campbell
- Daniel Golding
- Dean Anderson
- Derek J. Balling
- Ehud Gavron
- Etaoin Shrdlu
- Henry R. Linneweh
- J.D. Falk
- Joe Shaw
- John Fraizer
- Patrick Evans
- Robert Gash
- Roeland M.J. Meyer
- Steve Dispensa
- Steve Sobol
- William Allen Simpson