<<< Chronological >>> Author Index    Subject Index <<< Threads >>>

Re: ORBS ?


In your message of Tue, 8 Sep 1998 13:36:57 +0200 (MET DST) you wrote:

+ Sorry I don't want interrupt the discusion about original  proposal of John
+ Martin, but I just receive 5 messages as this:
+ 
+ *From: ORBS sender@localhost
+ *Reply-To: ORBS orbs@localhost
+ *Subject: 193.146.123.100 has been listed by ORBS
+ 
+ 
+  Anybody know ORBS (Open Relay Blocking System) initiative ? 

Since yesterday ;-) I also received a message about an open relay (read: a 
freshly installed Sun somewhere on the network with the standard sendmail 
running on port 25 although that wasn't needed at all ;-( When do 
software-vendors start to minimize the number of default installed server 
processes instead of adding more and more to a default installation ? ).

+ They are sent
+ messages saying that some SMTP servers of RedIRIS Network has
+ been added to the Dorkslayers Open Relay Blocking System (??) wich is an
+ automated relay listing system.

+ They have reason ...because  the SMTP servers referenced are really open
+ relay. But is it a serious initiative as MAPS RBL Proyect ? Black lists of
+ open relays it seems to me that is the only real and effective technical
+ solution to this problem.

I don't know how serious this is and I'm not sure what the differences are 
with RBL and why they thought it was necesary to add yet another blacklist. 
I do wonder however why this particular system was put on the dorkslayers 
list. The only 'relayed' message was a test message from 
sender@localhost to dorktest@localhost. No actual 'spam' was 
ever relayed through this system. On another (secured) machine the 
Dorkslayers also tried to send test messages through. Various times since 
this particular machine doesn't block on the SMTP-level but sucks in the 
message and in case of relaying it bounces the message to the originator. 
That must have been a bit of a surprise to the Dorkslayers ;-)

So it appears to me that the Dorkslayers just 'scan/test' whole networks 
and just blindly put all machines not complying to the 'Thou shall not 
relay rule' on the blacklist. I'm not sure that I like this way of 
promoting the closure of open relays...

Xander





<<< Chronological >>> Author    Subject <<< Threads >>>