Re: Administrative Overheads Arising from UCE

To:
From: Gunnar Lindberg < >
Date: Tue, 16 Feb 1999 18:04:48 +0100 (MET)
Whether or not people take me seriously is uninteresting; however one
could hope for the content/message being slightly more important...

I didn't check MAPS/RBL or ORBS mostly because I don't beleive in
such centralized monsters but also because I feel they would hardly
be up to date and people would not make use of them anyway - if it's
impossible for a university to stop Mail Relay by 10 lines of .cf
code, why should one expect them to add tons of such code to go ask
MAPS/RBL or ORBS and do so for each message???

However, I've now spent some time with MAPS/RBL to look for spam hosts
and Mail Relays (some apologies to the folks that get exposed; if you
find yourself - or your friends - here go fix that Mail Relay).

Spam host                       IP                MAPS/RBL
mut-53-0969.direct.ca           216.66.136.69      Nope

Spam ISP's MX host              IP                MAPS/RBL
head.direct.ca                  199.60.228.51      Nope
edam.direct.ca                  199.60.229.6       Nope
swiss.direct.ca                 199.60.229.2       Nope
jack.direct.ca                  199.60.229.4       Nope

Relay Name                      IP                MAPS/RBL
pc91w0.WiSo.Uni-Augsburg.DE     137.250.20.91      Nope
sat.ipp-garching.mpg.de         130.183.1.21       Nope
rzm31.rz.uni-hildesheim.de      147.172.16.41      Nope
renoir.uni-paderborn.de         131.234.28.20      Nope
rock.cr2a-di.fr                 195.6.251.157      Nope
relay2.eunet.fr                 192.134.192.149    Nope
pf1.pf1.co.il                   192.117.161.66     Nope
ren.nic.in                      164.100.10.18      Nope
risc1.lrm.fi.cnr.it             149.139.5.3        Nope
helium.pronet.it                194.183.5.2        Nope
cleopatra.telnetwork.it         194.20.107.100     Nope
gelso.unitn.it                  193.205.200.200    Nope
relic.hsh.no                    158.37.25.10       Nope
samson.khio.no                  158.36.126.10      Nope
perth.otago.ac.nz               139.80.28.1        Nope
res.lse.ac.uk                   158.143.96.63      Nope
river.tay.ac.uk                 193.60.160.99      Nope
pat.yale.ac.uk                  194.83.84.8        Nope
brenda.mailbox.co.uk            195.82.96.40       Nope

This is a fairly complete list of Relay Hosts that showed up in mail
from people complaining - there is likeley to be more, both where
noone has complained or where the complaint didn't include Received.

I doubt MAPS/RBL or ORBS would have saved us.

QED,
	Gunnar

>From owner-anti-spam-wg@localhost  Tue Feb 16 10:47:40 1999
>Message-Id: <UTC199902160946.KAA07707.piet@localhost>
>Date: Tue, 16 Feb 1999 10:46:50 +0100
>From: Piet Beertema <Piet.Beertema@localhost

> ...
>    
>    If I write a note on a pice of paper, sign it "Bill Gates, Microsoft"
>    and put it on a billboard, that clearly must be illegal some way(?).
>You wouldn't be taken serious either. :-)

>    PS
>        In the aftermath, I've gone through who was Mail Relay for this
>        bastard. Several are in Europe and most of them are in the "naive"
>        category. There are, however and to my great disapointment, some
>        fairly large and well known European ISPs - probably even active
>        RIPE members - that accepted to be Mail Relay for *.direct.ca.
>        No response from them yet.
>Did you check all the relays involved against RBL and ORBS?


>	Piet
Post To The List:
Follow-Ups:
- Re: Administrative Overheads Arising from UCE
  - From: Piet Beertema
References:
- Re: Administrative Overheads Arising from UCE
  - From: Piet Beertema
<<< Chronological >>>
Author Subject
<<< Threads >>>