Re: Administrative Overheads Arising from UCE
- Date: Tue, 16 Feb 1999 21:39:59 +0100
It doesn't look fair to me. Since they put one (open) relay automatically
on the black list and of course they notify the hostmaster, it will be
fair
to check again from time to time if the problem was fixed
Wrong:
a) The *original* procedure was an automated search for open
relays, but this was later changed to verification of reports
about open relays; that's still the procedure.
b) It's not ORBS's responsibility to verify that relays are no
longer open: that's for the full 100% the responsibility of
the administrators of that host.
c) Anyone is free to use or not use ORBS.
The right procedure for me is that IF a complain is received, the owner of
the system to be notified to fix the problem and if after the given grace
period he didn't fix the problem to proceed to black list the open relay.
Wrong too: the problem of open relays is not something new; it's
well known and fixes are available, so any administrator can since
long have closed his open relay(s). Furthermore, any open relay is
a SERIOUS THREAT to all of the Internet. Friendly approaches are
highly inappropriate: "first shoot, then talk" is the only correct
approach here.
Piet