The material mentioned was first referenced in the following article: <A HREF="http://slashdot.org/yro/01/05/21/1944247.shtml">http://slashdot.org/yro/01/05/21/1944247.shtml</A> which refers to MAPS and Abovenet blackholing Macromedia. It appears as a slashdot sequel to 'MAPS RBL is now Censorware' (Dec 2000) by Jamie McCarthy. Notice the ACLU signature. You will find details on how they squeezed my company and our stand at <A HREF="http://www.dotcomeon.com">http://www.dotcomeon.com</A> Mitch NetSide
On Wed, May 23, 2001 at 02:44:28AM -0400, Mitch Halmu wrote:
The material mentioned was first referenced in the following article:
<A HREF="http://slashdot.org/yro/01/05/21/1944247.shtml">http://slashdot.org/yro/01/05/21/1944247.shtml</A>
which refers to MAPS and Abovenet blackholing Macromedia.
It appears as a slashdot sequel to 'MAPS RBL is now Censorware' (Dec 2000) by Jamie McCarthy. Notice the ACLU signature.
You will find details on how they squeezed my company and our stand at
<A HREF="http://www.dotcomeon.com">http://www.dotcomeon.com</A>
Umm... yes. You run an open, abused mail relay, got listed in RSS and whine about it rather than fix it. http://mail-abuse.org/cgi-bin/nph-rss?query=205.159.140.2 Could you be more clueless? If you want to whine some more, news.admin.net-abuse.email is over there -> and spam-l is that way <- HTH HAND -- John Payne http://www.sackheads.org/jpayne/ john@sackheads.org http://www.sackheads.org/uce/ Fax: +44 870 0547954 To send me mail, use the address in the From: header
On Wed, 23 May 2001, John Payne wrote:
Umm... yes. You run an open, abused mail relay, got listed in RSS and whine about it rather than fix it.
I have posted two URLs, one was to a slashdot article describing a stealth assault on Macromedia. So as to clarify the provenance of the URL previously given by others in full context. Don't see your comments there. Why? Perhaps the ACLU and those other do-good organizations command more respect than an ISP? But they're talking about the same thing! The latter was to explain our position. Let's make several things clear. First, what is the difference between an open relay and a free email account somewhere? None, absolutely none. You could subscribe as Michael Mouse today, and the emperor of China tomorrow. Yet such service, with no credit card or implant chip to validate your true identity, giving away free resources to the world, is perfectly legit in your judgement. NetSide maintains its own access control list. If a particular ip or ip range didn't abuse our servers, we feel no need to lock them out. And certainly not because you say so. Not to mention that all instances of abuse can be traced from logs to someone's ip, and there is a venue of complaint with the abuser's provider. We have a valid reason for doing so: locking our servers would prevent our customers from roaming, and we would also lose a good part of our non-local client base, some of them subscribed since 1995, who couldn't make full use of their accounts anymore. Second, open relays were the norm until Paul Vixie decided you should do otherwise. And in many cases, he convinced thy by brute force that his way is the right way is the only way. But it wasn't the legal way. Most providers bent over and silently took the punishment. We won't. Do I seem to whine here? Third, the new 'rule' MAPS just came up with now is that you must keep your server open to their 'testing', or they'll blackhole you. See for yourself: http://www.dotcomeon.com/nph-rss-remove-blocking.html That is the reason given for blocking us the second time around. No new 'evidence', just open wide for inspection and say ahhh...
Could you be more clueless?
That's just about what I was going to ask you. This is not about the merits of some technological implementation over another. It is about basic rights and freedoms shamelessly trampled upon by those that can thump their chests the loudest and have Daddy Warbucks bankroll their operation. Say you fall out of grace with the 'in' crowd tomorrow, could it be your turn?
If you want to whine some more, news.admin.net-abuse.email is over there -> and spam-l is that way <-
And you, John Payne, are here. And clearly on the side of the network operator that's deliberately destroying the connectivity of other networks. This problem won't just go away, as much as you want it swept under the rug. --Mitch NetSide
Okay, I don't want to perpetuate this lil battle more than it needs to however I do have a few observations that are blindingly glaring to me and perhaps been overlooked... Mitch Halmu was said to been seen saying:
On Wed, 23 May 2001, John Payne wrote:
Umm... yes. You run an open, abused mail relay, got listed in RSS and whine about it rather than fix it.
I have posted two URLs, one was to a slashdot article describing a stealth assault on Macromedia. So as to clarify the provenance of the URL previously given by others in full context. Don't see your comments there. Why? Perhaps the ACLU and those other do-good organizations command more respect than an ISP? But they're talking about the same thing!
The latter was to explain our position. Let's make several things clear. First, what is the difference between an open relay and a free email account somewhere? None, absolutely none. You could subscribe as Michael Mouse today, and the emperor of China tomorrow. Yet such service, with no credit card or implant chip to validate your true identity, giving away free resources to the world, is perfectly legit in your judgement.
NetSide maintains its own access control list. If a particular ip or ip range didn't abuse our servers, we feel no need to lock them out. And certainly not because you say so. Not to mention that all instances of abuse can be traced from logs to someone's ip, and there is a venue of complaint with the abuser's provider. We have a valid reason for doing so: locking our servers would prevent our customers from roaming, and we would also lose a good part of our non-local client base, some of them subscribed since 1995, who couldn't make full use of their accounts anymore.
Second, open relays were the norm until Paul Vixie decided you should do otherwise. And in many cases, he convinced thy by brute force that his way is the right way is the only way. But it wasn't the legal way. Most providers bent over and silently took the punishment. We won't. Do I seem to whine here?
Point blank open-relays are not a good idea, they may have when the technology was not there to do otherwise but come on, with SMTP AUTH and TLS capabilities in most "reputable" mail servers there is absolutely no excuse for it. If you remove the open relays you remove a good bit of the fscking spam that pollutes the net and annoys the hell out of most people. And SMTP AUTH and TLS would not prevent your roaming customers from sending and receiving and would actually HELP you verify it is them. <snipped what I felt didn't need further encouragement> Respectfully, Jeremy T. Bouse -- ,-----------------------------------------------------------------------------, |Jeremy T. Bouse, CCNA - UnderGrid Network Services, LLC - www.UnderGrid.net | | Public PGP/GPG key available through http://wwwkeys.us.pgp.net | | If received unsigned (without requesting as such) DO NOT trust it! | | jbouse@Debian.org - NIC Whois: JB5713 - Jeremy.Bouse@UnderGrid.net | `-----------------------------------------------------------------------------'
On Wed, 23 May 2001, Jeremy T. Bouse wrote:
Okay, I don't want to perpetuate this lil battle more than it needs to however I do have a few observations that are blindingly glaring to me and perhaps been overlooked...
Mitch Halmu was said to been seen saying: [snip]
Second, open relays were the norm until Paul Vixie decided you should do otherwise. And in many cases, he convinced thy by brute force that his way is the right way is the only way. But it wasn't the legal way. Most providers bent over and silently took the punishment. We won't. Do I seem to whine here?
Point blank open-relays are not a good idea, they may have when the technology was not there to do otherwise but come on, with SMTP AUTH and TLS capabilities in most "reputable" mail servers there is absolutely no excuse for it. If you remove the open relays you remove a good bit of the fscking spam that pollutes the net and annoys the hell out of most people. And SMTP AUTH and TLS would not prevent your roaming customers from sending and receiving and would actually HELP you verify it is them.
<snipped what I felt didn't need further encouragement>
Respectfully, Jeremy T. Bouse
As I answered in a private post to a similar observation, you don't have to take my word for it. Perhaps you believe what Chip Rosenthal, the daddy of MAPS TSI, states on his own site about POP-before-SMTP Authorization: "Our users hated it - particularly those using MS Outlook". --Mitch NetSide
Mitch Halmu was said to been seen saying:
On Wed, 23 May 2001, Jeremy T. Bouse wrote:
Okay, I don't want to perpetuate this lil battle more than it needs to however I do have a few observations that are blindingly glaring to me and perhaps been overlooked...
Mitch Halmu was said to been seen saying: [snip] Point blank open-relays are not a good idea, they may have when the technology was not there to do otherwise but come on, with SMTP AUTH and TLS capabilities in most "reputable" mail servers there is absolutely no excuse for it. If you remove the open relays you remove a good bit of the fscking spam that pollutes the net and annoys the hell out of most people. And SMTP AUTH and TLS would not prevent your roaming customers from sending and receiving and would actually HELP you verify it is them.
<snipped what I felt didn't need further encouragement>
Respectfully, Jeremy T. Bouse
As I answered in a private post to a similar observation, you don't have to take my word for it. Perhaps you believe what Chip Rosenthal, the daddy of MAPS TSI, states on his own site about POP-before-SMTP Authorization: "Our users hated it - particularly those using MS Outlook".
Did I say POP-before-SMTP? I don't think I did... SMTP AUTH and TLS are two completely setups than POP-before-SMTP and both are supported by any decent MUA. I agree POP-before-SMTP was not a good plan but it worked before the SMTP AUTH mechanism came of age. Now there is no logical reason not to use it. Or let me guess you don't authenicate your NNTP server either like most reputable USENET server admins are doing. Jeremy T. Bouse -- ,-----------------------------------------------------------------------------, |Jeremy T. Bouse, CCNA - UnderGrid Network Services, LLC - www.UnderGrid.net | | Public PGP/GPG fingerprint and location in headers of message | | If received unsigned (without requesting as such) DO NOT trust it! | | jbouse@Debian.org - NIC Whois: JB5713 - Jeremy.Bouse@UnderGrid.net | `-----------------------------------------------------------------------------'
Did I say POP-before-SMTP? I don't think I did... SMTP AUTH and TLS are two completely setups than POP-before-SMTP and both are supported by any decent MUA. I agree POP-before-SMTP was not a good plan but it worked before the SMTP AUTH mechanism came of age. Now there is no logical reason not to use it. Or let me guess you don't authenicate your NNTP server either like most reputable USENET server admins are doing.
Sorry, I just have to respond to this. If the solution to the open relay problem is to make all users/customers upgrade their mail software so that SMTP AUTH can be used instead, then why not extend this idea to its logical conclusion and stop using IPv4? Just do it, it's only a software upgrade, after all, same as upgrading to MUAs that support SMTP AUTH. IPv6 would probably help make a bigger dent in the spam problem than MAPS ever will. It's just a software upgrade, no sweat right? Yet I know someone is going to say "but that's different". I don't think it is, at least not different in kind. Lessee... RFC 2487 is SMTP over TLS, dated January 1999, and RFC 2554 is SMTP AUTH, dated March 1999. So that's a wholesale upgrade of mail infrastructure that has been more or less completed (forced?) in just two years. IPv6 is described in RFC 1883, dated December 1995. And here it is, 6 years later... I think a lot of priorities are bass-ackwards. Or maybe I'm just naive, and there's other considerations, other agendas at work that I'm not aware of.
Jeremy T. Bouse -- ,----------------------------------------------------------------- ------------, |Jeremy T. Bouse, CCNA - UnderGrid Network Services, LLC - www.UnderGrid.net | | Public PGP/GPG fingerprint and location in headers of message | | If received unsigned (without requesting as such) DO NOT trust it! | | jbouse@Debian.org - NIC Whois: JB5713 - Jeremy.Bouse@UnderGrid.net | `--------------------------------------------------------------------------- --'
At 4:04 PM -0700 5/23/01, Mike Batchelor wrote:
Sorry, I just have to respond to this. If the solution to the open relay problem is to make all users/customers upgrade their mail software so that SMTP AUTH can be used instead, .. [snip]
There's no "make them upgrade" about it. The present installed base of MUA's is predominantly capable of doing SMTP AUTH out of the box, and every new PC sold with OE included free o' charge (yuk, but that's a different issue) increases the percentage of people who have ready access to the tools. "Roaming" is not a right, its a privilege, and if you're one of the minority still using an MUA from 5 years ago that doesn't support it, then that's your own lookout.
Lessee... RFC 2487 is SMTP over TLS, dated January 1999, and RFC 2554 is SMTP AUTH, dated March 1999. So that's a wholesale upgrade of mail infrastructure that has been more or less completed (forced?) in just two years. IPv6 is described in RFC 1883, dated December 1995. And here it is, 6 years later...
Apples... oranges. D -- +---------------------+-----------------------------------------+ | dredd@megacity.org | "Conan! What is best in life?" | | Derek J. Balling | "To crush your enemies, see them | | | driven before you, and to hear the | | | lamentation of their women!" | +---------------------+-----------------------------------------+
Mike Batchelor was said to been seen saying:
Sorry, I just have to respond to this. If the solution to the open relay problem is to make all users/customers upgrade their mail software so that SMTP AUTH can be used instead, then why not extend this idea to its logical conclusion and stop using IPv4? Just do it, it's only a software upgrade, after all, same as upgrading to MUAs that support SMTP AUTH. IPv6 would probably help make a bigger dent in the spam problem than MAPS ever will.
I'm quite sure you meant for this to be some wise-ass comment so I hate to disappoint you when I tell you my internal network is already been upgraded to IPv6 at this time and welcome it globally as I assist to do so. As for upgrading how many people are using a version of IE less than 4.0 these days? IIRC Outlook Express that came with IE 4.0 support SMTP AUTH. As due many other very popular MUAs. I take it you also still design your websites for version 3.0 and earlier browsers. Is it that hard to think that upgrades in the name of better security are not a *WISE* and *PRUDENT* move rather than leaving your frontdoor unlocked while you go out to the convience store? Jeremy -- ,-----------------------------------------------------------------------------, |Jeremy T. Bouse, CCNA - UnderGrid Network Services, LLC - www.UnderGrid.net | | Public PGP/GPG fingerprint and location in headers of message | | If received unsigned (without requesting as such) DO NOT trust it! | | Jeremy.Bouse@UnderGrid.net - NIC Whois: JB5713 - jbouse@Debian.org | `-----------------------------------------------------------------------------'
On Wed, 23 May 2001 10:33:11 EDT, Mitch Halmu said:
Second, open relays were the norm until Paul Vixie decided you should do otherwise. And in many cases, he convinced thy by brute force that his way is the right way is the only way. But it wasn't the legal way. Most
This is *so* bass-ackwards it isn't funny. Open relays were the norm until people realized that they were getting abused. The clueful were already closing their relays back then. Vixie started providing the MAPS service because clueful people wanted to protect themselves against idiots. Incidentally, I'm pretty sure that both ORBS and the now-defunct DorkSlayers databases actually pre-date the MAPS project. So obviously there was a demand for the service before Vixie started it up. And as was already pointed out, spam-l and news.admin.net-abuse.email are probably more appropriate fora for this discussion... -- Valdis Kletnieks Operating Systems Analyst Virginia Tech
On Wed, May 23, 2001 at 10:33:11AM -0400, Mitch Halmu wrote:
On Wed, 23 May 2001, John Payne wrote:
Umm... yes. You run an open, abused mail relay, got listed in RSS and whine about it rather than fix it.
I have posted two URLs, one was to a slashdot article describing a stealth assault on Macromedia. So as to clarify the provenance of the URL previously given by others in full context. Don't see your comments there. Why? Perhaps the ACLU and those other do-good organizations command more respect than an ISP? But they're talking about the same thing!
If you believe everything you read in slashdot, you're either incredibly naieve or unbelievably clueless. Just the smallest bit of research in a relevant mailing lists archives would yield the reasons why macromedia was RBL'd and why the listing was removed. (Macromedia runs unconfirmed mailing lists, mailing lists get people added who don't want to be on the list, people complain to Macromedia, no response, people nominate Macromedia to MAPS, MAPS contacts Macromedia, no response, MAPS adds Macromedia to RBL, Macromedia contacts MAPS, Macromedia promises to cleanup act, MAPS removes Macromedia from RBL)
The latter was to explain our position. Let's make several things clear. First, what is the difference between an open relay and a free email account somewhere? None, absolutely none. You could subscribe as Michael Mouse today, and the emperor of China tomorrow. Yet such service, with no credit card or implant chip to validate your true identity, giving away free resources to the world, is perfectly legit in your judgement.
Most free e-mail services aren't being abused. The spam with hotmail or juno or whatever return addresses are not being sent through hotmail or juno or whoever, they're being sent through open relays like yours.
NetSide maintains its own access control list. If a particular ip or ip range didn't abuse our servers, we feel no need to lock them out. And
Bully for you. In the meantime the rest of us have to eat up the spew coming from your server until you decide that they've reached whatever abuse threshold you set.
certainly not because you say so. Not to mention that all instances of abuse can be traced from logs to someone's ip, and there is a venue of complaint with the abuser's provider. We have a valid reason for doing so: locking our servers would prevent our customers from roaming, and we would also lose a good part of our non-local client base, some of them subscribed since 1995, who couldn't make full use of their accounts anymore.
Absolute rubbish.
Second, open relays were the norm until Paul Vixie decided you should do otherwise. And in many cases, he convinced thy by brute force that his way is the right way is the only way. But it wasn't the legal way. Most providers bent over and silently took the punishment. We won't. Do I seem to whine here?
Yes
Third, the new 'rule' MAPS just came up with now is that you must keep your server open to their 'testing', or they'll blackhole you. See for yourself: http://www.dotcomeon.com/nph-rss-remove-blocking.html That is the reason given for blocking us the second time around. No new 'evidence', just open wide for inspection and say ahhh...
Uhhh... so how do you propose that relays are tested to make sure they're closed before being removed from the database?
Could you be more clueless?
That's just about what I was going to ask you. This is not about the merits of some technological implementation over another. It is about basic rights and freedoms shamelessly trampled upon by those that can thump their chests the loudest and have Daddy Warbucks bankroll their operation. Say you fall out of grace with the 'in' crowd tomorrow, could it be your turn?
Oh, I'm constantly falling in and out of ORBS and peoples killfiles. Do I particularly care? Nope... people have a right to block whatever traffic they want from their machines.
If you want to whine some more, news.admin.net-abuse.email is over there -> and spam-l is that way <-
And you, John Payne, are here. And clearly on the side of the network operator that's deliberately destroying the connectivity of other networks. This problem won't just go away, as much as you want it swept under the rug.
I'm in both those places (and more) as well. If you want to stalk me at least do others the favour of doing it where your whines stand a chance of being ontopic... and if you're really lucky you might pick up a friend or two on the way. -- John Payne http://www.sackheads.org/jpayne/ john@sackheads.org http://www.sackheads.org/uce/ Fax: +44 870 0547954 To send me mail, use the address in the From: header
On Wed, 23 May 2001, John Payne wrote:
On Wed, May 23, 2001 at 10:33:11AM -0400, Mitch Halmu wrote:
On Wed, 23 May 2001, John Payne wrote:
Umm... yes. You run an open, abused mail relay, got listed in RSS and whine about it rather than fix it.
I have posted two URLs, one was to a slashdot article describing a stealth assault on Macromedia. So as to clarify the provenance of the URL previously given by others in full context. Don't see your comments there. Why? Perhaps the ACLU and those other do-good organizations command more respect than an ISP? But they're talking about the same thing!
If you believe everything you read in slashdot, you're either incredibly naieve or unbelievably clueless.
Conversely true for anything else you may read. I am not particularily endorsing any opinions but my own. Yet they seem to have scored with that article, judging from the majority of the supportive comments I read.
Just the smallest bit of research in a relevant mailing lists archives would yield the reasons why macromedia was RBL'd and why the listing was removed. (Macromedia runs unconfirmed mailing lists, mailing lists get people added who don't want to be on the list, people complain to Macromedia, no response, people nominate Macromedia to MAPS, MAPS contacts Macromedia, no response, MAPS adds Macromedia to RBL, Macromedia contacts MAPS, Macromedia promises to cleanup act, MAPS removes Macromedia from RBL)
And you think that justifies the brute force approach? Interestingly, MACR seems to have the means to take them on legally. And perhaps also curious was the hush-hush way it was handled. Were it not for some clued spirits...
The latter was to explain our position. Let's make several things clear. First, what is the difference between an open relay and a free email account somewhere? None, absolutely none. You could subscribe as Michael Mouse today, and the emperor of China tomorrow. Yet such service, with no credit card or implant chip to validate your true identity, giving away free resources to the world, is perfectly legit in your judgement.
Most free e-mail services aren't being abused. The spam with hotmail or juno or whatever return addresses are not being sent through hotmail or juno or whoever, they're being sent through open relays like yours.
Have you ever heard of a dropbox? Would you like several tens of thousands of examples?
NetSide maintains its own access control list. If a particular ip or ip range didn't abuse our servers, we feel no need to lock them out. And
Bully for you. In the meantime the rest of us have to eat up the spew coming from your server until you decide that they've reached whatever abuse threshold you set.
The 'rest of us' have a traditional venue, and that is asking politely the ISP in a documented email complaint. How many complaints did you sent us? We're not in China, you know...
certainly not because you say so. Not to mention that all instances of abuse can be traced from logs to someone's ip, and there is a venue of complaint with the abuser's provider. We have a valid reason for doing so: locking our servers would prevent our customers from roaming, and we would also lose a good part of our non-local client base, some of them subscribed since 1995, who couldn't make full use of their accounts anymore.
Absolute rubbish.
No kidding? Prove it is so. I think those arguments are rather valid.
Second, open relays were the norm until Paul Vixie decided you should do otherwise. And in many cases, he convinced thy by brute force that his way is the right way is the only way. But it wasn't the legal way. Most providers bent over and silently took the punishment. We won't. Do I seem to whine here?
Yes
Third, the new 'rule' MAPS just came up with now is that you must keep your server open to their 'testing', or they'll blackhole you. See for yourself: http://www.dotcomeon.com/nph-rss-remove-blocking.html That is the reason given for blocking us the second time around. No new 'evidence', just open wide for inspection and say ahhh...
Uhhh... so how do you propose that relays are tested to make sure they're closed before being removed from the database?
This is the very thing they considered abusive just a few months ago. Wasn't it MAPS that blocked ORBS for scanning Abovenet's ports in the first place? So now they took their rival's worst rules and made it their own. Now it's my turn to say absolute rubbish.
Could you be more clueless?
That's just about what I was going to ask you. This is not about the merits of some technological implementation over another. It is about basic rights and freedoms shamelessly trampled upon by those that can thump their chests the loudest and have Daddy Warbucks bankroll their operation. Say you fall out of grace with the 'in' crowd tomorrow, could it be your turn?
Oh, I'm constantly falling in and out of ORBS and peoples killfiles. Do I particularly care? Nope... people have a right to block whatever traffic they want from their machines.
ORBS is a foreign entity. Out of reach. Vixie is ante portas. American, like you and me. Blackmailing American providers, breaking state and federal laws with impunity. People that subscribe to the blackhole lists probably have no idea who in particular they are blocking or to what extent. Or even why.
If you want to whine some more, news.admin.net-abuse.email is over there -> and spam-l is that way <-
And you, John Payne, are here. And clearly on the side of the network operator that's deliberately destroying the connectivity of other networks. This problem won't just go away, as much as you want it swept under the rug.
I'm in both those places (and more) as well. If you want to stalk me at least do others the favour of doing it where your whines stand a chance of being ontopic... and if you're really lucky you might pick up a friend or two on the way.
Your mail server bounces my messages. Have you thought of that one yet? I'm not stalking you, I'm simply responding to your comments. And if I need a friend, I'd rather buy a dog. I'll name him Lucky. --Mitch NetSide
On Wed, May 23, 2001 at 12:41:52PM -0400, Mitch Halmu wrote:
On Wed, 23 May 2001, John Payne wrote:
If you believe everything you read in slashdot, you're either incredibly naieve or unbelievably clueless.
Conversely true for anything else you may read. I am not particularily
Like duh. But I'm willing to give more credence to what the people actually involved say.
endorsing any opinions but my own. Yet they seem to have scored with that article, judging from the majority of the supportive comments I read.
/.'s supporting you. OK, thats it, you've convinced me. Free speach is the way to go... I'm going to threaten to sue everyone who doesn't listen to me from now on. (yeah, right)
Just the smallest bit of research in a relevant mailing lists archives would yield the reasons why macromedia was RBL'd and why the listing was removed. (Macromedia runs unconfirmed mailing lists, mailing lists get people added who don't want to be on the list, people complain to Macromedia, no response, people nominate Macromedia to MAPS, MAPS contacts Macromedia, no response, MAPS adds Macromedia to RBL, Macromedia contacts MAPS, Macromedia promises to cleanup act, MAPS removes Macromedia from RBL)
And you think that justifies the brute force approach? Interestingly, MACR
What brute force approach? Nobody is forcing anybody to subscribe to any lists.
seems to have the means to take them on legally. And perhaps also curious
Wonder why they didn't? Maybe because they knew they were in the wrong.
was the hush-hush way it was handled. Were it not for some clued spirits...
From an outside point of view it was handled like everyother case I've seen.
Have you ever heard of a dropbox? Would you like several tens of thousands of examples?
We're not talking about drop boxes. We're talking about relay abuse.
The 'rest of us' have a traditional venue, and that is asking politely the ISP in a documented email complaint. How many complaints did you sent us? We're not in China, you know...
What difference does the number of complaints I send you make? RSS subscribers have decided to not allow any mail from hosts listed on RSS. There is proof on the RSS website that your mail server is an open relay and has relayed spam. You have 2 choices. 1) close your open relay 2) deal with the fact that some people don't want mail from your server.
certainly not because you say so. Not to mention that all instances of abuse can be traced from logs to someone's ip, and there is a venue of complaint with the abuser's provider. We have a valid reason for doing so: locking our servers would prevent our customers from roaming, and we would also lose a good part of our non-local client base, some of them subscribed since 1995, who couldn't make full use of their accounts anymore.
Absolute rubbish.
No kidding? Prove it is so. I think those arguments are rather valid.
Closing an open relay has nothing to do with stopping your non-local clients from roaming and still using your relay. SMTP AUTH, pop-before-smtp, VPN, ssh tunnel are just 4 options off the top of my head.
Uhhh... so how do you propose that relays are tested to make sure they're closed before being removed from the database?
This is the very thing they considered abusive just a few months ago.
No it isn't. Once your server is listed in RSS, the only time MAPS will try and relaytest you is if you ask them to remove you.
Wasn't it MAPS that blocked ORBS for scanning Abovenet's ports in the first place? So now they took their rival's worst rules and made it their own. Now it's my turn to say absolute rubbish.
proactive scanning is a completely different ballgame to reactive testing on your request.
Could you be more clueless?
That's just about what I was going to ask you. This is not about the merits of some technological implementation over another. It is about basic rights and freedoms shamelessly trampled upon by those that can thump their chests the loudest and have Daddy Warbucks bankroll their operation. Say you fall out of grace with the 'in' crowd tomorrow, could it be your turn?
Oh, I'm constantly falling in and out of ORBS and peoples killfiles. Do I particularly care? Nope... people have a right to block whatever traffic they want from their machines.
ORBS is a foreign entity. Out of reach. Vixie is ante portas. American, like
So, I still don't see you complaining about being listed in ORBS (which you are).
you and me. Blackmailing American providers, breaking state and federal laws
I'm not American, and I resent you implying that I am (as would most Americans). Exactly what state and federal laws are MAPS breaking?
with impunity. People that subscribe to the blackhole lists probably have no idea who in particular they are blocking or to what extent. Or even why.
Uhh, sure they do. They're blocking people who meet the criteria for being in that list.
If you want to whine some more, news.admin.net-abuse.email is over there -> and spam-l is that way <-
And you, John Payne, are here. And clearly on the side of the network operator that's deliberately destroying the connectivity of other networks. This problem won't just go away, as much as you want it swept under the rug.
I'm in both those places (and more) as well. If you want to stalk me at least do others the favour of doing it where your whines stand a chance of being ontopic... and if you're really lucky you might pick up a friend or two on the way.
Your mail server bounces my messages. Have you thought of that one yet?
Of course, you're mailing me from an open relay. And yet I'm still replying to this post. Oh wait, maybe its coming through the mailing list that you persist in copying *duh*
I'm not stalking you, I'm simply responding to your comments. And if I need a friend, I'd rather buy a dog. I'll name him Lucky.
Too many jokes ... can't decide which to use Last mail from me to nanog in this thread. -- John Payne http://www.sackheads.org/jpayne/ john@sackheads.org http://www.sackheads.org/uce/ Fax: +44 870 0547954 To send me mail, use the address in the From: header
Well, the monthly MAPS/ORBS nonsense has pretty much run its course. Our thanks to the trolls for starting up this silliness so soon after it ended last month. Let's boil it down, shall we? 1. MAPS is a list generated to prevent spammers from sending mail to ONE network. They are not judge, jury, and executioner. They allow other network administrators to subscribe to the RBL, RSS and DUL as they see fit. Those admins do so by choice, not because they were strong-armed into doing it. It is not ONE person trying to rule e-mail on the internet (you're thinking of Alan Brown and ORBS). It is THOUSANDS of network admins choosing not to allow rogue networks to spam them. 2. This ridiculous debate keeps getting dredged up every 1-2 months because some whiny brat of a network admin doesn't feel like they should play by the same rules everyone else does. And the reason for it is because their network allows spam to transverse it - even after they've been notified and given time to fix it. So they ended up in the blackhole list. Therefore, for the sake of sanity, and bandwidth, and mail server load: "You anti-MAPS troll baiters are a bunch of %^$@& NAZIS!" There. You win. Now go away. As for mitch@netside.net... *plonk* Don't bother responding - my script now permanently deletes any e-mail to you or from you before I see it. -- Scott ========================== Scott Raymond LinkAmerica Communications http://soundamerica.com ==========================
On Fri, 25 May 2001, Scott Raymond wrote:
As for mitch@netside.net... *plonk* Don't bother responding - my script now permanently deletes any e-mail to you or from you before I see it.
-- Scott ========================== Scott Raymond LinkAmerica Communications http://soundamerica.com ==========================
If this is on a personal level, please feel free to do so, for whatever reasons plague you. Still miffed about that, but never mind. If you set policy for your company, we will oblige with a similar *plonk* --Mitch NetSide
On Wed, 23 May 2001, Mitch Halmu wrote:
Oh, I'm constantly falling in and out of ORBS and peoples killfiles. Do I particularly care? Nope... people have a right to block whatever traffic they want from their machines.
ORBS is a foreign entity. Out of reach. Vixie is ante portas. American, like you and me. Blackmailing American providers, breaking state and federal laws with impunity. People that subscribe to the blackhole lists probably have no idea who in particular they are blocking or to what extent. Or even why.
I keep missing the part that has to do with laws and legallity. You see to like to toss that around without any legal precedence for your statements. Its a shame for you and your employer that you don't believe in filtering abuse from your network. Your also in the minority. Simple as that. Just as it is your right to misconfigure your mail server and provide free services to spammers, it is my right to blackhole you from existance. Neat how that works both ways. Its probably best that everyone agrees to disagree. You can keep providing services to spammers and we will continue to block you and we can leave it at that. I'm sure some people on SPAM-L would have some opinions on this subject should you decide to take it to the proper forum. andy
On 05/23/01, Mitch Halmu <mitch@netside.net> wrote:
Third, the new 'rule' MAPS just came up with now is that you must keep your server open to their 'testing', or they'll blackhole you. See for yourself: http://www.dotcomeon.com/nph-rss-remove-blocking.html That is the reason given for blocking us the second time around. No new 'evidence', just open wide for inspection and say ahhh...
Uhhh... so how do you propose that relays are tested to make sure they're closed before being removed from the database?
This is the very thing they considered abusive just a few months ago. Wasn't it MAPS that blocked ORBS for scanning Abovenet's ports in the first place? So now they took their rival's worst rules and made it their own. Now it's my turn to say absolute rubbish.
You're blocking MAPS' test, but you leave your server open to relay from just about anywhere else. Perhaps the error message they gave you was unclear, but it should be fairly obvious that if you want to get off the list, you have to close the relay. MAPS isn't "forcing" you to do anything, you know. You're very welcome to continue to leave it open. And, likewise, everyone else is equally welcome to block all mail from your server, with or without MAPS' easy removal process. -- J.D. Falk SILENCE IS FOO! <jdfalk@cybernothing.org>
On Wed, 23 May 2001, J.D. Falk wrote:
You're blocking MAPS' test, but you leave your server open to relay from just about anywhere else. Perhaps the error message they gave you was unclear, but it should be fairly obvious that if you want to get off the list, you have to close the relay.
'Just about anywhere else' is a gross exaggeration. We currently block over 3000 entries, from class B's to individual ips. As an example, all of uu.net dial-ins, but NOT their SMTP servers. As another example, BellSouth is the ILEC here, so many of our customers hold a dsl account from them as well as a dial-up or domain with us. We can't block their ips. Some of these customers keep their accounts because of the email address they had with NetSide for years. And no, reselling dsl from BellSouth is not a viable economical option.
MAPS isn't "forcing" you to do anything, you know. You're very welcome to continue to leave it open. And, likewise, everyone else is equally welcome to block all mail from your server, with or without MAPS' easy removal process.
-- J.D. Falk SILENCE IS FOO! <jdfalk@cybernothing.org>
Do you speak as a MAPS official, JD? Thought you held the title of MAPS Product Manager. The forcing part comes with the conditions you attach. They may hear your call and tighten the blockade. Then again, some may start thinking independently... It is not the integrity of our server, it's the deviant line from your prescriptions that hurts here. Perhaps it's time an ISP questions your authority to make the rules. Risking our neck, just like that. While I respect your convictions and even ideals, I am strongly questioning your methods by which you implement them. You are still treating our company like some rogue .cn domain. One shoe fits all. --Mitch NetSide
On Wed, May 23, 2001 at 06:39:53PM -0400, Mitch Halmu wrote:
methods by which you implement them. You are still treating our company like some rogue .cn domain. One shoe fits all.
You've chosen to be part of the problem, Mitch, not part of the solution. The fact that you're only a small part of the problem doesn't make it less sensible to filter you.
On Wed, May 23, 2001 at 12:41:52PM -0400, Mitch Halmu exclaimed:
ORBS is a foreign entity. Out of reach. Vixie is ante portas. American, like you and me. Blackmailing American providers, breaking state and federal laws with impunity. People that subscribe to the blackhole lists probably have no idea who in particular they are blocking or to what extent. Or even why.
s/blackmailing/blackholing/i - and you have to remember, Vixie isn't blocking anybody's traffic (except for networks he operates). Individual operators that subscribe to MAPS choose what traffic to block or not block to their own networks. There's no blackmail there, and certainly no laws saying that I must accept whatever traffic anybody on the Net wants to send my way. Let's keep this argument in the bounds of reality, at least. -- Scott Francis scott@ [work:] v i r t u a l i s . c o m Systems Analyst darkuncle@ [home:] d a r k u n c l e . n e t West Coast Network Ops GPG keyid 0xCB33CCA7 illum oportet crescere me autem minui
Third, the new 'rule' MAPS just came up with now is that you must keep your server open to their 'testing', or they'll blackhole you. See for yourself: http://www.dotcomeon.com/nph-rss-remove-blocking.html That is the reason given for blocking us the second time around. No new 'evidence', just open wide for inspection and say ahhh...
Uhhh... so how do you propose that relays are tested to make sure they're closed before being removed from the database?
This is the very thing they considered abusive just a few months ago. Wasn't it MAPS that blocked ORBS for scanning Abovenet's ports in the first place? So now they took their rival's worst rules and made it their own. Now it's my turn to say absolute rubbish.
You're obscuring a very fundamental difference. ORBS scans everyone, with no provocation. This is like checking if your neighbor's gun is loaded while it's in his safe. MAPS scans those who have created problems for its customers in the past. This is like checking if your neighbor's gun is loaded while it's pointing at you. Once you connect to me, and in so doing create a problem for me, you have no right to complain when I connect back to you. But if you connect to me without provocation to search me for vulnerabilities, that's a horse of another color. DS
I like how MAPS is allowed to black hole your machines and their traffic. But if you deny them access to your network resource as they are you are automatically assumed a spammer. Wait you don't believe the same things we do, well you must be the enemy. I think we can all agree spam isn't a good thing, but where we drawn the line is something we can't agree on. When you start black holing traffic to hosts and making that choice for other people. MAPS does this with their blacking of traffic. This type of power in the hands of a single person/organization is wrong. I would propose a system whereas there are multiple representatives from many viewpoints to make VERY SERIOUS decisions like this. I don't care how many disclaimers you have in your contracts, it's not the right way to deal with this problem.... Regards, Rob Sharp Mitch Halmu wrote:
On Wed, 23 May 2001, John Payne wrote:
Umm... yes. You run an open, abused mail relay, got listed in RSS and whine about it rather than fix it.
I have posted two URLs, one was to a slashdot article describing a stealth assault on Macromedia. So as to clarify the provenance of the URL previously given by others in full context. Don't see your comments there. Why? Perhaps the ACLU and those other do-good organizations command more respect than an ISP? But they're talking about the same thing!
The latter was to explain our position. Let's make several things clear. First, what is the difference between an open relay and a free email account somewhere? None, absolutely none. You could subscribe as Michael Mouse today, and the emperor of China tomorrow. Yet such service, with no credit card or implant chip to validate your true identity, giving away free resources to the world, is perfectly legit in your judgement.
NetSide maintains its own access control list. If a particular ip or ip range didn't abuse our servers, we feel no need to lock them out. And certainly not because you say so. Not to mention that all instances of abuse can be traced from logs to someone's ip, and there is a venue of complaint with the abuser's provider. We have a valid reason for doing so: locking our servers would prevent our customers from roaming, and we would also lose a good part of our non-local client base, some of them subscribed since 1995, who couldn't make full use of their accounts anymore.
Second, open relays were the norm until Paul Vixie decided you should do otherwise. And in many cases, he convinced thy by brute force that his way is the right way is the only way. But it wasn't the legal way. Most providers bent over and silently took the punishment. We won't. Do I seem to whine here?
Third, the new 'rule' MAPS just came up with now is that you must keep your server open to their 'testing', or they'll blackhole you. See for yourself: http://www.dotcomeon.com/nph-rss-remove-blocking.html That is the reason given for blocking us the second time around. No new 'evidence', just open wide for inspection and say ahhh...
Could you be more clueless?
That's just about what I was going to ask you. This is not about the merits of some technological implementation over another. It is about basic rights and freedoms shamelessly trampled upon by those that can thump their chests the loudest and have Daddy Warbucks bankroll their operation. Say you fall out of grace with the 'in' crowd tomorrow, could it be your turn?
If you want to whine some more, news.admin.net-abuse.email is over there -> and spam-l is that way <-
And you, John Payne, are here. And clearly on the side of the network operator that's deliberately destroying the connectivity of other networks. This problem won't just go away, as much as you want it swept under the rug.
--Mitch NetSide
On Wed, 23 May 2001 12:57:24 EDT, Robert Sharp said:
I like how MAPS is allowed to black hole your machines and their traffic. But if you deny them access to your network resource as they are you are automatically assumed a spammer. Wait you don't believe the same things we do, well you must be the enemy.
I like how people like to rant without correlation to reality. MAPS doesn't blackhole your machines. *I* blackhole your machines, based on *MY* decision that if you're listed in MAPS, you're somebody I don't want to talk to. Until you get that little detail straight, all your pissing and moaning about MAPS is just that - pissing and moaning. You can complain to MAPS about being listed in their database, or you can complain to me about my black holing your traffic because I found you listed in MAPS. But you can't complain about MAPS black holing you because they don't. Using a clue for more than 20 seconds would show that MAPS *CANT* blackhole your traffic themselves - if they did, HOW WOULD THEY TEST THAT YOU"D CLOSED AN OPEN RELAY? -- Valdis Kletnieks Operating Systems Analyst Virginia Tech
OK Let me start again. Lets go over some assumptions I made the first time that obviously need to be restated. 1) MAPS is a single self appoint law enforcement agency on the INTERNET. Don't argue until you hear me out. a) MAPS creates the LAW, ie. no open relay b) MAPS enforces the law and if you don't let them scan your machine you are automatically assumed guilty. Last I checked you needed a warrent and some proof to do that, one easily forgable email header is not proof, in any universe. ie. You create a mailserver, you don't allow MAPS to probe it, you are placed on the list, by someone for nomination, because they think they were SPAMMED by you. Were they spammed? maybe, maybe not, some people give out their email address on every webform they can find and don't click the right check box ect and are placed on this list. Perhaps no ONE peice of spam has ever graced you machine, you are still guilty. I have heard the arguement, how can maps tell if you are an open relay if you don't let them scan. Well you can't sorry, not everything in the world can go your way... I know this means in fact this arguement may not go my way. Again I am willing to accept it, but I will not buckle to comment of about my intellect and my lack of being informed as defeat. It's simple not true. c)MAPS sentences you. You are placed on this LIST rather or not you are actually generating spam. This is a case of the ends justifiys the means. A few netizens of NANOG don't understand my point. The IDEA of maps isn't a bad idea, the idea of summarily judging a server and causing people who are using legimate use problems is wrong. I am not saying this is the norm, but it obiviously seems that some people have questioned the MAPS "way" and have had it fall on deaf MAP'S ears. I don't like the IDEA of one person controlling the show. I would rather have a commitee, create the rules and see it enforced. And if you use the MAPS list by your choice you are most definetly filtering out email or traffic for people who are legitimate. I know I have been filtered before. MAPS is using a very large hammer to kill a not so large bug. In conclusion. I HATE spam like everyone else. I am just opposed to the solution that seems to keep gaining acceptance. And I have been asked by many other people on and off list to spot expressing my obviously un informed views. We let me say that asking, rather demanding, I stop questioning this is dead wrong and if people didn't question ideas we would still thing the earth was flat and we were the center of the universe. Regards, Rob Valdis.Kletnieks@vt.edu wrote:
On Wed, 23 May 2001 12:57:24 EDT, Robert Sharp said:
I like how MAPS is allowed to black hole your machines and their traffic. But if you deny them access to your network resource as they are you are automatically assumed a spammer. Wait you don't believe the same things we do, well you must be the enemy.
I like how people like to rant without correlation to reality. MAPS doesn't blackhole your machines. *I* blackhole your machines, based on *MY* decision that if you're listed in MAPS, you're somebody I don't want to talk to.
Until you get that little detail straight, all your pissing and moaning about MAPS is just that - pissing and moaning. You can complain to MAPS about being listed in their database, or you can complain to me about my black holing your traffic because I found you listed in MAPS. But you can't complain about MAPS black holing you because they don't.
Using a clue for more than 20 seconds would show that MAPS *CANT* blackhole your traffic themselves - if they did, HOW WOULD THEY TEST THAT YOU"D CLOSED AN OPEN RELAY? -- Valdis Kletnieks Operating Systems Analyst Virginia Tech
------------------------------------------------------------------------ Part 1.2Type: application/pgp-signature
On Wed, 23 May 2001 14:36:15 EDT, Robert Sharp said:
And if you use the MAPS list by your choice you are most definetly filtering out email or traffic for people who are legitimate. I know I have been filtered before. MAPS is using a very large hammer to kill a not so large bug.
Hmm.. you won't configure it correctly. RFC2505 is "Best Current Practice". You get filtered because you won't configure it correctly. You say you've been filtered *before* because you won't configure it correctly. Yes, we *admit* we're using a large hammer. Bouncing your e-mail didn't get your attention. Maybe irate users will get your attention. But I am doubting it. -- Valdis Kletnieks Operating Systems Analyst Virginia Tech
I would like to make the point that I do run two mail servers and both a maps approved. Please don't tell me I don't know how to run a mail server. Again I am not discussing your ability , please don't poke fun at me. In fact I had some trouble with spam on one of them because someone was signing up a list I use for the owl networks mailing list. I infact installed MAPS to see if it helped the problem. It did not because the user didn't run an open relay site but rather a no confirmation email list. Would I be correct to assume they should be in the MAPS list too? As you can see sometime spam/annoying emails is not always sent throught an open relay but sometimes it's a problem with mailing lists..... What should maps do, start adding sites that act like this? I am just making the point that if MAPS wasn't run by one person with total control maybe some of us "retards who don't know what we are doing" would be a bit more will to support the effort. Rob Valdis.Kletnieks@vt.edu wrote:
On Wed, 23 May 2001 14:36:15 EDT, Robert Sharp said:
And if you use the MAPS list by your choice you are most definetly filtering out email or traffic for people who are legitimate. I know I have been filtered before. MAPS is using a very large hammer to kill a not so large bug.
Hmm.. you won't configure it correctly. RFC2505 is "Best Current Practice".
You get filtered because you won't configure it correctly.
You say you've been filtered *before* because you won't configure it correctly.
Yes, we *admit* we're using a large hammer. Bouncing your e-mail didn't get your attention. Maybe irate users will get your attention. But I am doubting it. -- Valdis Kletnieks Operating Systems Analyst Virginia Tech
------------------------------------------------------------------------ Part 1.2Type: application/pgp-signature
--On Wednesday, May 23, 2001 4:04 PM -0400 Robert Sharp <rsharp@appliedtheory.com> wrote:
I infact installed MAPS to see if it helped the problem. It did not because the user didn't run an open relay site but rather a no confirmation email list. Would I be correct to assume they should be in the MAPS list too?
They would be eligible for listing on the RBL per http://mail-abuse.org/rbl/candidacy.html.
As you can see sometime spam/annoying emails is not always sent throught an open relay but sometimes it's a problem with mailing lists..... What should maps do, start adding sites that act like this?
When we receive a valid and actionable nomination per the requirements of http://mail-abuse.org/rbl/reporting.html, it is investigated and handled according to procedures. If the entity is unable or unwilling to rectify the situation that allows them to continue to send unsolicited e-mail, they *do* get added to the RBL. What we don't do is add them to the RSS. That's for open, single stage, abused relays. We haven't been escalating those to the RBL for the better part of a year. Multi-hop open abused relays are still eligible for listing on the RBL.
I am just making the point that if MAPS wasn't run by one person with total control maybe some of us "retards who don't know what we are doing" would be a bit more will to support the effort.
Well, since MAPS *isn't* run one person with total control but rather a good sized staff of folks that have various responsiblilties for receiving, assessing, investigating and recommending listings or otherwise resolving the nominations for our various lists, does this mean you are going to be supporting the effort? You might want to read http://mail-abuse.org/articles/dmnews.2000-11-13.11536.html. I think you are a bit misinformed. -- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Margie Arbon Mail Abuse Prevention System, LLC Manager, Market and Business Development margie@mail-abuse.org http://mail-abuse.org
Quoting Robert Sharp (rsharp@appliedtheory.com):
I would like to make the point that I do run two mail servers and both a maps approved. Please don't tell me I don't know how to run a mail server. Again I am not discussing your ability , please don't poke fun at me. In fact I had some trouble with spam on one of them because someone was signing up a list I use for the owl networks mailing list. I infact installed MAPS to see if it helped the problem. It did not because the user didn't run an open relay site but rather a no confirmation email list.
What strange logic process brought you to the conclusion that you should use MAPS to block email from one particular mailing list? Maybe English isn't your native tounge and I'm just not understanding you, or a thorough course of instruction on Internet email, and how to block it, is in order.
Would I be correct to assume they should be in the MAPS list too?
Why, yes, if someone *nominates* the list for inclusion into MAPS and shows documentation of the problem. ...
I am just making the point that if MAPS wasn't run by one person with total control maybe some of us "retards who don't know what we are doing" would be a bit more will to support the effort.
You think MAPS is just one person? You don't know a thing about what you are complaining about, as evidenced by this and your other words above. http://www.mail-abuse.org/about-us.htm Confusing it with ORBS, perhaps. Aaron
-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of Robert Sharp Sent: May 23, 2001 2:36 PM To: Valdis.Kletnieks@vt.edu Cc: nanog@merit.edu Subject: Re: Stealth Blocking
OK Let me start again. Lets go over some assumptions I made the first time that obviously need to be restated.
Like a large majority of all assumptions, they are based on little but your own personal opinion of this issue...
1) MAPS is a single self appoint law enforcement agency on the INTERNET. Don't argue until you hear me out.
Fine, since I'm a nice guy and want to give you a chance, I'll leave my replies to further down below.
a) MAPS creates the LAW, ie. no open relay
No. MAPS provides a listing of people with open relays (or dialup IPs, or whatever, depending on what MAPS list you use). A phone book provides a listing of restaurants providing Italian food; how is that different?
b) MAPS enforces the law and if you don't let them scan your machine you are automatically assumed guilty. Last I checked you needed a warrent and some proof to do that, one easily forgable email header is not proof, in any universe.
So, as someone else pointed out, you mind MAPS scanning your machine, but you don't mind spammers relaying through it? I'm afraid that your value system's logic is not apparent to me; perhaps you'll care to enlighten us?
c)MAPS sentences you. You are placed on this LIST rather or not you are actually generating spam. This is a case of the ends justifiys the means.
MAPS sentences you to WHAT????? MAPS is a LISTING. It just so coincidentally happens that several thousands (or hundreds of thousands) of your fellow network/system administrators don't want mail from open relays. So, MAPS makes a list of open relays and says to those people "here folks, we'll give you a list of those open relays you don't WANT, so you don't need to go and find them and block them yourself, which will take you forever". A large amount of these people agree that MAPS' offering is useful to them. The people sentencing you, to use your analogy, are the network administrators using MAPS (or ORBS, or vi /etc/mail/access, or whatever) to block you. Your crime? You run an open relay. If these people don't want open relays talking to their mail servers, then I don't see who the hell you are to tell them that they HAVE to accept mail from you. They don't. Each network admins' servers are his/her own, and if he/she doesn't want his/her servers to talk to yours, then too bad for you. I might add that whether your open relay is abused or not isn't the question; an open relay is almost like a loaded weapon being pointed at someone else's servers. It will be abused someday, and being proactive means blocking it _before_ the next wannabe spam king sends a few dozen gigs of spam through you. If you get blocked _after_ the gigs of spam have been sent, then there's still a lot of damage to be cleaned up.
on deaf MAP'S ears. I don't like the IDEA of one person controlling the show. I would
What show? MAPS provides a listing. Obviously, whoever USES MAPS' listing trusts MAPS' judgment, just like whoever buys a $WHATEVER based on $INDUSTRY_PUBLICATION's opinion of it obviously trusts $INDUSTRY_PUBLICATION. MAPS isn't FORCING anyone to use the RBL/DUL/RSS/etc, last time I checked. (If that's their new policy, then I guess I'm in trouble).
And if you use the MAPS list by your choice you are most definetly filtering out email or traffic for people who are legitimate. I know I have been filtered before. MAPS is using a very large hammer to kill a not so large bug.
Do you have any evidence to support your claim that spam sent through open relays are a "not so large bug"?
In conclusion. I HATE spam like everyone else. I am just opposed to the solution that seems to keep gaining acceptance. And I have been asked by many other people on and off list to spot expressing my obviously un informed views. We let me say that asking, rather demanding, I stop questioning this is dead wrong and if people didn't question ideas we would still thing the earth was flat and we were the center of the universe.
Well, OK, so you don't like the method MAPS has chosen, but now claim to hate spam. At least _they_ are doing something to fight the problem; if you don't agree with their method, then why don't you implement your own? I'm sure lots of people would love a better solution than MAPS, because, as you pointed out (and I agree with you that MAPS can lead to legitimate mail being blocked due to the cluelessness or wilful blindness of various admins), MAPS' way isn't perfect. But, for now, there isn't much else out there... Vivien -- Vivien M. vivienm@dyndns.org Assistant System Administrator Dynamic DNS Network Services http://www.dyndns.org/
1) MAPS is a single self appoint law enforcement agency on the INTERNET. Don't argue until you hear me out. a) MAPS creates the LAW, ie. no open relay b) MAPS enforces the law
I didn't think I'd ever be drawn into this debate, however... MAPS publishes a list of IP addresses. It might use whatever bizarre mechanism it likes to generate them. However, in my personal view, and many many other people, this lists bears a very good correlation to IP addresses which I don't want sending email to my mail server. They do this for free. Noone is forced to use them. If you think the way they identify these IP addresses is (a) irrational (b) unjust (c) bizarre, whatever, please feel free to create your own competitive product/gift, gain the sort of respect MAPS has, and good luck to you. However, in the mean time, stop whining at people who are merely publishing exactly that - a list of IP addresses determined via a relatively well documented procedure - and, if you have a good case (but I think not) start trying to convince those thousands of users who think that subscribing is a good way to stop spam that they are fundamentally wrong. -- Alex Bligh Personal Capacity
If you want to think of it in those terms, fine. Like any other "law", the MAPS RBL has power only because the population (of ISPs in this case) at large believes that it is just, and should be followed. ISPs that subscribe to MAPS RBL are saying that they believe that open relays should not exist, that MAPS should be able to test for this condition, and that they don't want to receive e-mail from non-compliant hosts. If you think this is a bad "law", then you'll need to convince enough of the rest of the population at large of such, and then perhaps ISPs will unsubscribe from the MAPS RBL. /cbz On Wed, May 23, 2001 at 02:36:15PM -0400, Robert Sharp wrote:
OK Let me start again. Lets go over some assumptions I made the first time that obviously need to be restated.
1) MAPS is a single self appoint law enforcement agency on the INTERNET. Don't argue until you hear me out. a) MAPS creates the LAW, ie. no open relay
b) MAPS enforces the law and if you don't let them scan your machine you are automatically assumed guilty. Last I checked you needed a warrent and some proof to do that, one easily forgable email header is not proof, in any universe. ie. You create a mailserver, you don't allow MAPS to probe it, you are placed on the list, by someone for nomination, because they think they were SPAMMED by you. Were they spammed? maybe, maybe not, some people give out their email address on every webform they can find and don't click the right check box ect and are placed on this list. Perhaps no ONE peice of spam has ever graced you machine, you are still guilty. I have heard the arguement, how can maps tell if you are an open relay if you don't let them scan. Well you can't sorry, not everything in the world can go your way... I know this means in fact this arguement may not go my way. Again I am willing to accept it, but I will not buckle to comment of about my intellect and my lack of being informed as defeat. It's simple not true.
c)MAPS sentences you. You are placed on this LIST rather or not you are actually generating spam. This is a case of the ends justifiys the means.
A few netizens of NANOG don't understand my point. The IDEA of maps isn't a bad idea, the idea of summarily judging a server and causing people who are using legimate use problems is wrong. I am not saying this is the norm, but it obiviously seems that some people have questioned the MAPS "way" and have had it fall on deaf MAP'S ears. I don't like the IDEA of one person controlling the show. I would rather have a commitee, create the rules and see it enforced.
And if you use the MAPS list by your choice you are most definetly filtering out email or traffic for people who are legitimate. I know I have been filtered before. MAPS is using a very large hammer to kill a not so large bug.
In conclusion. I HATE spam like everyone else. I am just opposed to the solution that seems to keep gaining acceptance. And I have been asked by many other people on and off list to spot expressing my obviously un informed views. We let me say that asking, rather demanding, I stop questioning this is dead wrong and if people didn't question ideas we would still thing the earth was flat and we were the center of the universe.
Regards,
Rob
Valdis.Kletnieks@vt.edu wrote:
On Wed, 23 May 2001 12:57:24 EDT, Robert Sharp said:
I like how MAPS is allowed to black hole your machines and their traffic. But if you deny them access to your network resource as they are you are automatically assumed a spammer. Wait you don't believe the same things we do, well you must be the enemy.
I like how people like to rant without correlation to reality. MAPS doesn't blackhole your machines. *I* blackhole your machines, based on *MY* decision that if you're listed in MAPS, you're somebody I don't want to talk to.
Until you get that little detail straight, all your pissing and moaning about MAPS is just that - pissing and moaning. You can complain to MAPS about being listed in their database, or you can complain to me about my black holing your traffic because I found you listed in MAPS. But you can't complain about MAPS black holing you because they don't.
Using a clue for more than 20 seconds would show that MAPS *CANT* blackhole your traffic themselves - if they did, HOW WOULD THEY TEST THAT YOU"D CLOSED AN OPEN RELAY? -- Valdis Kletnieks Operating Systems Analyst Virginia Tech
------------------------------------------------------------------------ Part 1.2Type: application/pgp-signature
On Wed, 23 May 2001, Christopher B. Zydel wrote:
Like any other "law", the MAPS RBL has power only because the population (of ISPs in this case) at large believes that it is just, and should be followed. ISPs that subscribe to MAPS RBL are saying that they believe that open relays should not exist, that MAPS should be able to test for this condition, and that they don't want to receive e-mail from non-compliant hosts. If you think this is a bad "law", then you'll need to convince enough of the rest of the population at large of such, and then perhaps ISPs will unsubscribe from the MAPS RBL.
/cbz
The problem with your logic is that ad-hoc 'laws' conceived by majorities do not necessarily reflect the actual law of the land. Our legal system has conceived checks and balances against the tyranny of the majority. There are compelling reasons throughout history why such system works best. A trivial example of my point are anti-discrimination laws. Unfortunately, technology jumped too far ahead, too fast. A lot of the issues discussed here will revert back to normality, just like in any aging frontier community, once the legal system catches up. Some may not want the government's camel in their tent, but I say it's preferable to the status quo and levels the playing field again for all players. --Mitch NetSide
On Wed, 23 May 2001, Mitch Halmu wrote:
The problem with your logic is that ad-hoc 'laws' conceived by majorities do not necessarily reflect the actual law of the land. Our legal system has conceived checks and balances against the tyranny of the majority. There are compelling reasons throughout history why such system works best. A trivial example of my point are anti-discrimination laws.
Last time I checked the law of the land said if it's my machine, I can decide who connects to it. And who sends me mail.. It's an interesting argument. I use the MAPS RBL, and you should be glad I do, heres why. Suppose you get listed because you had a spammer relay. You end up on it. You fix the problem and it gets removed. Suppose I don't use it, and one of those spammers mails came to me. I manually blacklist you. Which do you prefer, fixing it and letting one entity know, or fixing it and letting thousands know? This has happened lots of times. A company sues (MAPS/ORBS) and gets an injuction. The public finds out and the netblocks belonging to that company promptly go in the manual blacklist file on thousands of sites, including ours. You really helped the issue there didn't you? Jason -- Jason Slagle - CCNP - CCDP Network Administrator - Toledo Internet Access - Toledo Ohio - raistlin@tacorp.net - jslagle@toledolink.com - WHOIS JS10172 /"\ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . \ / ASCII Ribbon Campaign . If dreams are like movies then memories X - NO HTML/RTF in e-mail . are films about ghosts.. / \ - NO Word docs in e-mail . - Adam Duritz - Counting Crows
On Thu, 24 May 2001 09:30:33 EDT, Jason Slagle said:
Last time I checked the law of the land said if it's my machine, I can decide who connects to it. And who sends me mail..
Be careful, it's not as clear-cut as it may seem. At least in one US District Court, portscanning was held to be legal (or more precisely, that you couldn't count the cost of investigating one against damages)... http://www.securityfocus.com/templates/article.html?id=126 -- Valdis Kletnieks Operating Systems Analyst Virginia Tech
That is different. I'm not attempting to collect damages here, merely deny them access. This is along the lines of saying I have to allow hackers access to my machines. While the port scan may be legal in a sense that I can't collect damages on it alone, I doubt you'll find a court who will challenge the idea that I have to let you connect to my machines. Most people who use things such as the RBL in a commercial environment make it known in their terms of service that they do such things. As a matter of fact some people even charge extra for this service. The argument that it impedes commerce is moot in my eyes, because as long as the customer knows or is capable of knowing (Not my problem if you didn't read my TOS if you knew it existed), then they have the choice of going somewhere the RBL or similar list are not use. Of course IINAL. We used ORBS for awhile, and it did hit a lot of false positives, so we stopped it. We've been using RBL+DUL+RSS for nearly 2 years now IIRC, and in that time we have had 5 calls that I can recall about legit email being blocked. In 3 of them we contacted the remote system and the relay was fixed. In 2, the owner refused to fix the relay, so we just informed the customer and the person trying to mail them of the problem, and the implications of the other end not fixing their mail server. In both instances the sending end changed providers. Jason -- Jason Slagle - CCNP - CCDP Network Administrator - Toledo Internet Access - Toledo Ohio - raistlin@tacorp.net - jslagle@toledolink.com - WHOIS JS10172 /"\ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . \ / ASCII Ribbon Campaign . If dreams are like movies then memories X - NO HTML/RTF in e-mail . are films about ghosts.. / \ - NO Word docs in e-mail . - Adam Duritz - Counting Crows On Thu, 24 May 2001 Valdis.Kletnieks@vt.edu wrote:
On Thu, 24 May 2001 09:30:33 EDT, Jason Slagle said:
Last time I checked the law of the land said if it's my machine, I can decide who connects to it. And who sends me mail..
Be careful, it's not as clear-cut as it may seem. At least in one US District Court, portscanning was held to be legal (or more precisely, that you couldn't count the cost of investigating one against damages)...
On Wed, 23 May 2001, John Payne wrote:
Umm... yes. You run an open, abused mail relay, got listed in RSS and whine about it rather than fix it.
I have posted two URLs, one was to a slashdot article describing a stealth assault on Macromedia. So as to clarify the provenance of the URL previously given by others in full context. Don't see your comments there. Why? Perhaps the ACLU and those other do-good organizations command more respect than an ISP? But they're talking about the same thing!
The latter was to explain our position. Let's make several things clear. First, what is the difference between an open relay and a free email account somewhere? None, absolutely none. You could subscribe as Michael Mouse today, and the emperor of China tomorrow. Yet such service, with no credit card or implant chip to validate your true identity, giving away free resources to the world, is perfectly legit in your judgement.
NetSide maintains its own access control list. If a particular ip or ip range didn't abuse our servers, we feel no need to lock them out. And certainly not because you say so. Not to mention that all instances of abuse can be traced from logs to someone's ip, and there is a venue of complaint with the abuser's provider. We have a valid reason for doing so: locking our servers would prevent our customers from roaming, and we would also lose a good part of our non-local client base, some of them subscribed since 1995, who couldn't make full use of their accounts anymore.
Second, open relays were the norm until Paul Vixie decided you should do otherwise. And in many cases, he convinced thy by brute force that his way is the right way is the only way. But it wasn't the legal way. Most providers bent over and silently took the punishment. We won't. Do I seem to whine here?
Third, the new 'rule' MAPS just came up with now is that you must keep your server open to their 'testing', or they'll blackhole you. See for yourself: http://www.dotcomeon.com/nph-rss-remove-blocking.html That is the reason given for blocking us the second time around. No new 'evidence', just open wide for inspection and say ahhh...
Could you be more clueless?
That's just about what I was going to ask you. This is not about the merits of some technological implementation over another. It is about basic rights and freedoms shamelessly trampled upon by those that can thump their chests the loudest and have Daddy Warbucks bankroll their operation. Say you fall out of grace with the 'in' crowd tomorrow, could it be your turn?
If you want to whine some more, news.admin.net-abuse.email is over
I would suggest that folks read how MAPS RBL works before they spew innuendo and half-truths. MAPS may not be perfect, but it certainly isn't 'a single person/organization' with this power. MAPS only acts on third-party nominations, has an exceedingly drawn-out confirmation process, and only publishes a BGP feed that *providers* must configure their routers to accept. MAPS RBL does nothing beyond publish a list of known, confirmed, unrepentant spam sites in the format of a BGP4 advertisement. Private networks can and will block what they want, MAPS just publishes a list of sites that they block from their network. I (and every other network operator) can and will block whatever I want, unless my contract with my customers prevents it. Jeremiah -----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of Robert Sharp Sent: Wednesday, May 23, 2001 12:57 PM To: Mitch Halmu Cc: John Payne; nanog@merit.edu Subject: Re: Stealth Blocking I like how MAPS is allowed to black hole your machines and their traffic. But if you deny them access to your network resource as they are you are automatically assumed a spammer. Wait you don't believe the same things we do, well you must be the enemy. I think we can all agree spam isn't a good thing, but where we drawn the line is something we can't agree on. When you start black holing traffic to hosts and making that choice for other people. MAPS does this with their blacking of traffic. This type of power in the hands of a single person/organization is wrong. I would propose a system whereas there are multiple representatives from many viewpoints to make VERY SERIOUS decisions like this. I don't care how many disclaimers you have in your contracts, it's not the right way to deal with this problem.... Regards, Rob Sharp Mitch Halmu wrote: there ->
and spam-l is that way <-
And you, John Payne, are here. And clearly on the side of the network operator that's deliberately destroying the connectivity of other networks. This problem won't just go away, as much as you want it swept under the rug.
--Mitch NetSide
On Wed, 23 May 2001, Jeremiah Kristal wrote:
I would suggest that folks read how MAPS RBL works before they spew innuendo and half-truths. MAPS may not be perfect, but it certainly isn't 'a single person/organization' with this power. MAPS only acts on third-party nominations, has an exceedingly drawn-out confirmation process, and only publishes a BGP feed that *providers* must configure their routers to accept. MAPS RBL does nothing beyond publish a list of known, confirmed, unrepentant spam sites in the format of a BGP4 advertisement. Private networks can and will block what they want, MAPS just publishes a list of sites that they block from their network. I (and every other network operator) can and will block whatever I want, unless my contract with my customers prevents it.
Jeremiah
Okay, let's assume you're right, and the MAPS folks are the fairest in the land. Then how do you explain our case? NetSide was blackholed between Jul 13, 00 and Feb 27, 01, then the block was mysteriously lifted, only to be reistated on May 11, 01. The 'evidence' is the same, a single relayed message from a Corecomm customer to daver.bungi.com That is Dave Rand's personal playground. Dave is also a founding father of MAPS, and was recently (like Apr 30) elevated to the reigns after he 'retired' from MFNX. We were blackholed again on a capricious change in their rules. Tomorrow there will be even more rules. And so the noose tightens... Thought you said third party nomination, not insider? I allege they draw a profit from their activities, and that is the true purpose of all this. The non-profit organization voluntarily relinquished its tax exempt status, and Vixie explained why on his pages. If I remember correctly, it's because the government would investigate complaints. The type of cartel that was created here is against anti-trust laws in the US. That's what is commonly referred to as conspiracy to restrict trade. The legal aspects are well covered on http://www.dotcomeon.com Furthermore, MAPS doesn't really openly publish its lists. Why do you think that's so? Wouldn't it be nice, or at least fair for everyone to know who's listed? So now, how has my business bothered your business? It hasn't. I don't recall any complaints from your service. That means we at least manage and monitor our servers pretty effectively as configured, and we're not unrepentent spammers. But we dared to be different. Face it, it's really our philosophy that angers you. --Mitch NetSide
On Wed, 23 May 2001, Mitch Halmu wrote:
The type of cartel that was created here is against anti-trust laws in the US. That's what is commonly referred to as conspiracy to restrict trade. The legal aspects are well covered on http://www.dotcomeon.com Furthermore, MAPS doesn't really openly publish its lists. Why do you think that's so? Wouldn't it be nice, or at least fair for everyone to know who's listed?
And then those who are listed on ORBS complain that the list is being used to suggest attacks on those open relays. While MAPS may not have a single list you can download, anyone is free to lookup any IP address and see if it is listed, so it is definitely public.
So now, how has my business bothered your business? It hasn't. I don't recall any complaints from your service. That means we at least manage and monitor our servers pretty effectively as configured, and we're not unrepentent spammers. But we dared to be different. Face it, it's really our philosophy that angers you.
Or perhaps because those who care to use MAPS didn't see any spam from your servers in the first place... I use RBL/RSS/DUL on my home email server. I recognize that some legitimate mail to me may get bounced (I periodically check the logs to see what is getting rejected, which is about 1 legitimate mail every 2-3 months), but that is a price I am willing to pay to avoid spam. Anyone I really care to talk to knows other ways to contact me anyway. My home email account gets about 1 spam per week, while my email address at a previous employer (which does not use RBL/etc) gets about 150 spams per day. Both addresses are listed as whois contacts, both have posted messages on public mailing lists, etc. That is why I choose to block sites listed there, and I suspect that is the reason most people choose to use them. It has nothing to do with your philosophy -- I had no idea who you were or what your philosophy was until you started this thread. Nobody forces anyone to use any of the MAPS lists. At a previous employer, we used MAPS RBL for a while until Netcom was blocked. As we were an ISP, many of our customers complained about this so we stopped using RBL until we were able to offer the option to enable it individually per account and allow each customer to configure their filters. John A. Tamplin jat@jaet.org 770/436-5387 HOME 4116 Manson Ave 770/431-9459 FAX Smyrna, GA 30082-3723
Let me add that to this that it is trivial for a MAPS subscriber to "whitelist" any site, overriding any affects of a listing in the RBL, DUL or RSS, via ALLOW statements in a mail server or deny statements on an inbound distribute list in the case of a BGP RBL subscriber. Any provider that wanted to receive email from/route traffic to an IP listed on the MAPS lists can easily do so without necessarily unsubsribing from the service. I'm saying this to hopefully drive home the argument that MAPS does not blackhole ANYONE, its subscribers do. And those subscribers have the option at any time of overriding a MAPS listing within their own network. -C On Wed, May 23, 2001 at 01:45:19PM -0400, Jeremiah Kristal wrote:
I would suggest that folks read how MAPS RBL works before they spew innuendo and half-truths. MAPS may not be perfect, but it certainly isn't 'a single person/organization' with this power. MAPS only acts on third-party nominations, has an exceedingly drawn-out confirmation process, and only publishes a BGP feed that *providers* must configure their routers to accept. MAPS RBL does nothing beyond publish a list of known, confirmed, unrepentant spam sites in the format of a BGP4 advertisement. Private networks can and will block what they want, MAPS just publishes a list of sites that they block from their network. I (and every other network operator) can and will block whatever I want, unless my contract with my customers prevents it.
Jeremiah
-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of Robert Sharp Sent: Wednesday, May 23, 2001 12:57 PM To: Mitch Halmu Cc: John Payne; nanog@merit.edu Subject: Re: Stealth Blocking
I like how MAPS is allowed to black hole your machines and their traffic. But if you deny them access to your network resource as they are you are automatically assumed a spammer. Wait you don't believe the same things we do, well you must be the enemy.
I think we can all agree spam isn't a good thing, but where we drawn the line is something we can't agree on. When you start black holing traffic to hosts and making that choice for other people. MAPS does this with their blacking of traffic. This type of power in the hands of a single person/organization is wrong. I would propose a system whereas there are multiple representatives from many viewpoints to make VERY SERIOUS decisions like this. I don't care how many disclaimers you have in your contracts, it's not the right way to deal with this problem....
Regards,
Rob Sharp
Mitch Halmu wrote:
On Wed, 23 May 2001, John Payne wrote:
Umm... yes. You run an open, abused mail relay, got listed in RSS and whine about it rather than fix it.
I have posted two URLs, one was to a slashdot article describing a stealth assault on Macromedia. So as to clarify the provenance of the URL previously given by others in full context. Don't see your comments there. Why? Perhaps the ACLU and those other do-good organizations command more respect than an ISP? But they're talking about the same thing!
The latter was to explain our position. Let's make several things clear. First, what is the difference between an open relay and a free email account somewhere? None, absolutely none. You could subscribe as Michael Mouse today, and the emperor of China tomorrow. Yet such service, with no credit card or implant chip to validate your true identity, giving away free resources to the world, is perfectly legit in your judgement.
NetSide maintains its own access control list. If a particular ip or ip range didn't abuse our servers, we feel no need to lock them out. And certainly not because you say so. Not to mention that all instances of abuse can be traced from logs to someone's ip, and there is a venue of complaint with the abuser's provider. We have a valid reason for doing so: locking our servers would prevent our customers from roaming, and we would also lose a good part of our non-local client base, some of them subscribed since 1995, who couldn't make full use of their accounts anymore.
Second, open relays were the norm until Paul Vixie decided you should do otherwise. And in many cases, he convinced thy by brute force that his way is the right way is the only way. But it wasn't the legal way. Most providers bent over and silently took the punishment. We won't. Do I seem to whine here?
Third, the new 'rule' MAPS just came up with now is that you must keep your server open to their 'testing', or they'll blackhole you. See for yourself: http://www.dotcomeon.com/nph-rss-remove-blocking.html That is the reason given for blocking us the second time around. No new 'evidence', just open wide for inspection and say ahhh...
Could you be more clueless?
That's just about what I was going to ask you. This is not about the merits of some technological implementation over another. It is about basic rights and freedoms shamelessly trampled upon by those that can thump their chests the loudest and have Daddy Warbucks bankroll their operation. Say you fall out of grace with the 'in' crowd tomorrow, could it be your turn?
If you want to whine some more, news.admin.net-abuse.email is over there -> and spam-l is that way <-
And you, John Payne, are here. And clearly on the side of the network operator that's deliberately destroying the connectivity of other networks. This problem won't just go away, as much as you want it swept under the rug.
--Mitch NetSide
-- --------------------------- Christopher A. Woodfield rekoil@semihuman.com PGP Public Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB887618B
I have fairly strong feelings about the free speach issue myself, and I'd love to join in and help feed the trolls, but the S/N ratio is already bad enough. Maybe we could feed them via private email rather than inflicting it on the list. If a troll says something and nobody rebuts him, that doesn't mean that he wins. The troll wins by getting a response.
Hi FOlks, Does anybody know of any reference sources for finding out who has POPs in a specific city, and ideally where those POPs are located? Thanks much, Miles Fidelman ************************************************************************** The Center for Civic Networking PO Box 600618 Miles R. Fidelman, President & Newtonville, MA 02460-0006 Director, Municipal Telecommunications Strategies Program 617-558-3698 fax: 617-630-8946 mfidelman@civicnet.org http://civic.net/ccn.html Information Infrastructure: Public Spaces for the 21st Century Let's Start With: Internet Wall-Plugs Everywhere Say It Often, Say It Loud: "I Want My Internet!" **************************************************************************
On Wed, May 23, 2001 at 12:59:44PM -0500, Albert Meyer wrote:
it on the list. If a troll says something and nobody rebuts him, that doesn't mean that he wins. The troll wins by getting a response.
You're assuming that the responses are an attempt to convince the troll. They're not; nobody cares what the troll thinks. The responses are to convince the peanut gallery, because the fact is that the vast majority of those reading this (or any) mailing list are not posting, and many of them are undecided on any issue that comes up. We respond to trolls so that the lurkers will hear the rational sides of the story, not just the troll side. This has the unfortunate side effect of feeding the trolls, but it's an acceptable risk if it enhances the clue level of someone who isn't yet lost.
At 04:49 PM 5/23/01 -0400, Shawn McMahon wrote:
You're assuming that the responses are an attempt to convince the troll.
They're not; nobody cares what the troll thinks.
The responses are to convince the peanut gallery, because the fact is that the vast majority of those reading this (or any) mailing list are not posting, and many of them are undecided on any issue that comes up.
We respond to trolls so that the lurkers will hear the rational sides of the story, not just the troll side.
This has the unfortunate side effect of feeding the trolls, but it's an acceptable risk if it enhances the clue level of someone who isn't yet lost.
I disagree. This isn't CLUELESS-NEWBIE-L. Anyone reading NANOG can probably smell a troll. I know it's hard to resist feeding them - I participated in my share of trollfests on SPAM-L in 98 and 99 (not to mention the flamewars between genuine anti-spammers who disagreed about methods), but I like to think that I learned from the experience. Trolls don't go away until they stop getting responses. If you must enlighten the peanut gallery, "Go away troll" would suffice. Anything more guarantees that he will continue trolling. Arguing with a troll as if he were a rational person gives him the appearance of credibility.You can't get the last word. I know, I've tried. You can't. No matter how irrefutably you prove your point, he will simply embellish his troll and post it again.
On Wed, May 23, 2001 at 07:33:43PM -0500, Albert Meyer wrote:
I disagree. This isn't CLUELESS-NEWBIE-L. Anyone reading NANOG can probably smell a troll.
Ok, that's how you think. The lurkers who have emailed me privately agreeing with me think differently.
At 12:37 PM 5/24/01 -0400, Shawn McMahon wrote:
Ok, that's how you think.
The lurkers who have emailed me privately agreeing with me think differently.
OK you're right. I submit to the anonymous lurkers who agree with you. The horse is dead, its battered carcass was hauled away to the glue factory, and the wet spot where it laid has dried out, but let's beat the ground where it was. The troll wins. This is my last post on the non-subject. Would anyone care to discuss network operations?
Ok, one thing I neglected to mention in my egregious abuse of public trust earlier this week was that there are distinctly different assumptions wrt IPv6 and MTU sizing than with IPv4. While the archives show that there has been some discussion wrt performance hits when there are mismatched MTUs on layer2 media, it is unclear if there has been any consideration on mismatched MTUs at layer3 (IP). Thoughts? --bill
Having been a long time lurker (few years) and now a first time poster, I'm shocked this thread has lasted so long. Besides the fact the proverbial horse is begging from his grave for it to stop, my understanding is this doeesn't belong on here to begin with. MAPS, ORBS, and the like are resources utilized by *endsystems* (http://www.nanog.org/endsystem.html). Network providers, IMHO, have no business filtering mail between endsystems, unless that network provider is handling the mail for the endsystem (and thefore is still an endsystem issue). If network providers were filtering mail at the network level, then maybe you would have an appropriate conversation for here, but I don't believe that is currently happening. I have enough opinions (and I'm never afraid to voice opinions) about SPAM and the methods used to fight it to probably bore you all to death (if you aren't already there) but this isn't the place. And Shawn (and those who think this way), as (me) a member of the peanut gallery, I would respond to your comment below with the the response that most of the peanut gallery probably stopped listening on this thread long ago. -- Mike Jones mike@biggorilla.com * Shawn McMahon (smcmahon@eiv.com) [05/23/01 23:22]:
The responses are to convince the peanut gallery, because the fact is that the vast majority of those reading this (or any) mailing list are not posting, and many of them are undecided on any issue that comes up.
On Thu, 24 May 2001 mike@biggorilla.com wrote:
MAPS, ORBS, and the like are resources utilized by *endsystems* (http://www.nanog.org/endsystem.html). Network providers, IMHO, have no business filtering mail between endsystems, unless that network provider is handling the mail for the endsystem (and thefore is still an endsystem issue). If network providers were filtering mail at the network level, then maybe you would have an appropriate conversation for here, but I don't believe that is currently happening.
But that is the very issue that was discussed. Some filtering is indeed happening at the network level, regardless of what you may believe. There is supportive evidence of broken connectivity and transit packet loss because of blackholing by Tier 1 providers. Perhaps you missed the news that Macromedia's WEB SITE was blocked for a few days by Abovenet's routers? And so was Peacefire's, etc. --Mitch NetSide
On Thu, May 24, 2001 at 11:53:04AM -0400, Mitch Halmu wrote:
But that is the very issue that was discussed. Some filtering is indeed happening at the network level, regardless of what you may believe. There is supportive evidence of broken connectivity and transit packet loss because of blackholing by Tier 1 providers.
And NANOG is not the appropriate forum for such venting. If you have a problem with the filtering policies of a transit provider, you should communicate this to them directly. And failing that, don't give them your business, and encourage others to do the same.
Perhaps you missed the news that Macromedia's WEB SITE was blocked for a few days by Abovenet's routers?
This is not grounds for operational concern. If anything, it sounds like good reason to load up on _more_ AS 6461 transit, stat. I wholeheartedly support the blackholing of any company that encourages irresponsible web design, including the development of websites that require bloatware for proper viewing, and are more or less impossible to navigate for the visually impaired (or mobile CDPD, [legacy] Ricochet, BSWD, etc users -- representing a nice portion of the power users who are supposed to "benefit" from such rich-media sites) unless a HTML-only alternative exists. But I digress. On Thu, May 24, 2001 at 10:56:41AM -0700, Roeland Meyer wrote:
The negative side effect is that it cripples people who use email as a file transfer protocol.
Which I do, quite extensively.
So, people shouldn't rate limit their SMTP servers because you need to send large files via e-mail, when far more effective solutions exist (and are commonly used) today? I'm not sure I see the logic in this. -adam
On Wed, May 23, 2001 at 12:57:24PM -0400, Robert Sharp wrote:
making that choice for other people. MAPS does this with their blacking of traffic. This type of power in the hands of a single person/organization is wrong.
MAPS doesn't make any choice for other people, MAPS only provides documentation of the choices they've made for themselves. They're the email equivalent of Consumer Reports. Nobody is forced to use their lists.
I would propose a system whereas there are multiple representatives from many viewpoints to make VERY SERIOUS decisions like this.
Then stop proposing it, and actually create it. If people agree with you, they'll join you. If they prefer MAPS, take the hint that you're wrong and go away.
On Wed, May 23, 2001 at 10:33:11AM -0400, Mitch Halmu wrote:
I have posted two URLs, one was to a slashdot article describing a stealth assault on Macromedia. So as to clarify the provenance of the URL previously given by others in full context [...]
Slashdot has never been an accurate news source, and the article you've referenced is certainly no exception.
NetSide maintains its own access control list. If a particular ip or ip range didn't abuse our servers, we feel no need to lock them out. And certainly not because you say so. Not to mention that all instances of abuse can be traced from logs to someone's ip, and there is a venue of complaint with the abuser's provider.
Running open relays is _never_ an acceptable practice. Allowing the entire Internet to relay off your SMTP server, and then attempting to block offenders after the damage is done, isn't very effective or scalable. We've had this discussion before.
We have a valid reason for doing so: locking our servers would prevent our customers from roaming, and we would also lose a good part of our non-local client base, some of them subscribed since 1995, who couldn't make full use of their accounts anymore.
Most responsible operators are using SMTP auth, POP/IMAP-before-SMTP, secure tunneling, or some combination of the above to accomplish this. Why aren't you?
Second, open relays were the norm until Paul Vixie decided you should do otherwise. And in many cases, he convinced thy by brute force that his way is the right way is the only way. But it wasn't the legal way. Most providers bent over and silently took the punishment. We won't. Do I seem to whine here?
I don't think AboveNet/MFNX even subscribes to the MAPS RBL. Of course, if they are/were denying access to Macromedia as part of an internally-run blackhole, I give them props.
Third, the new 'rule' MAPS just came up with now is that you must keep your server open to their 'testing', or they'll blackhole you. See for yourself: http://www.dotcomeon.com/nph-rss-remove-blocking.html That is the reason given for blocking us the second time around. No new 'evidence', just open wide for inspection and say ahhh...
If you have a problem with this, take it up with its maintainers, not NANOG. -adam
participants (27)
-
Aaron L. Meehan -
Adam Rothschild -
Albert Meyer -
Alex Bligh -
Andy -
bmanning@vacation.karoshi.com -
Christopher A. Woodfield -
Christopher B. Zydel -
David Schwartz -
Derek Balling -
J.D. Falk -
Jason Slagle -
Jeremiah Kristal -
Jeremy T. Bouse -
John A. Tamplin -
John Payne -
Margie Arbon -
Mike Batchelor -
mike@biggorilla.com -
Miles Fidelman -
Mitch Halmu -
Robert Sharp -
Scott Francis -
Scott Raymond -
Shawn McMahon -
Valdis.Kletnieks@vt.edu -
Vivien M.