Re: ORBS ?
- Date: Tue, 08 Sep 1998 13:59:00 +0200
- Address: Radboudburcht, P.O. Box 19115, 3501 DA Utrecht, NL
- Organisation: SURFnet ExpertiseCentrum bv
- Phone: +31 302 305 305
- Telefax: +31 302 305 329
In your message of Tue, 8 Sep 1998 13:36:57 +0200 (MET DST) you wrote:
+ Sorry I don't want interrupt the discusion about original proposal of John
+ Martin, but I just receive 5 messages as this:
+
+ *From: ORBS sender@localhost
+ *Reply-To: ORBS orbs@localhost
+ *Subject: 193.146.123.100 has been listed by ORBS
+
+
+ Anybody know ORBS (Open Relay Blocking System) initiative ?
Since yesterday ;-) I also received a message about an open relay (read: a
freshly installed Sun somewhere on the network with the standard sendmail
running on port 25 although that wasn't needed at all ;-( When do
software-vendors start to minimize the number of default installed server
processes instead of adding more and more to a default installation ? ).
+ They are sent
+ messages saying that some SMTP servers of RedIRIS Network has
+ been added to the Dorkslayers Open Relay Blocking System (??) wich is an
+ automated relay listing system.
+ They have reason ...because the SMTP servers referenced are really open
+ relay. But is it a serious initiative as MAPS RBL Proyect ? Black lists of
+ open relays it seems to me that is the only real and effective technical
+ solution to this problem.
I don't know how serious this is and I'm not sure what the differences are
with RBL and why they thought it was necesary to add yet another blacklist.
I do wonder however why this particular system was put on the dorkslayers
list. The only 'relayed' message was a test message from
sender@localhost to dorktest@localhost. No actual 'spam' was
ever relayed through this system. On another (secured) machine the
Dorkslayers also tried to send test messages through. Various times since
this particular machine doesn't block on the SMTP-level but sucks in the
message and in case of relaying it bounces the message to the originator.
That must have been a bit of a surprise to the Dorkslayers ;-)
So it appears to me that the Dorkslayers just 'scan/test' whole networks
and just blindly put all machines not complying to the 'Thou shall not
relay rule' on the blacklist. I'm not sure that I like this way of
promoting the closure of open relays...
Xander
- References:
- ORBS ?
- From: Jesus Sanz de las Heras. CSIC RedIRIS