Re: Administrative Overheads Arising from UCE
- Date: Wed, 17 Feb 1999 06:29:59 +0100 (MET)
Folks, I'm sorry I got carried away by Piet's desire that we put global
email connectivity in the hands of an unknown voluntary organization.
If the RIPE anti-spam team provided that service I might re-think but
*never* just from AnyBody-AntiSpam.ORG.
But, my original plea was for advice on legal matters - any idea on
how to make the legal system nail the spammer???
Gunnar
>From owner-anti-spam-wg@localhost Tue Feb 16 19:56:33 1999
>Message-Id: <3.0.6.32.19990216195535.007a78c0@localhost>
>Date: Tue, 16 Feb 1999 19:55:35 +0100
>From: Piet Beertema <Piet.Beertema@localhost
> OK, I stand corrected. ORBS is agressive enough - if the entire
> world had been using it we would have been saved.
>Well, not really saved, but at least we would have had a
>*lot* less problems and spam.
And instead we'd have another problem - mail connectivity goes down,
and we will not be able to use email to sort that out...
> However, nothing is said about what bad things would have happened
> to the systems/people that were blackholed. Did they get the info
> or were they just put onto the blackhole list without prior notice.
>What I know about it is that they put a host on the list
>and at the same time notify postmaster@localhost.
Well, I did exactly that in the ~10 cases I presented. 2 responded and
have indeed fixed their system.
> And, how long will it take to undo the ORBS ban?
>Within one day.
OK. My example shows that's not true. Please get (and stay) real.
> As I said, I've contacted most of the Relay's Postmaster and some
> of them did fix their systems, but when I now test for ORBS too I
> find that they ARE STILL ON THE ORBS BLACK LIST.
>Are you absolutely sure that:
>a) they indeed *did* close their relay?
Y E S. I tested that myself yesterday. I happen to know how.
>b) they notified ORBS about that?
No idea. My guess is that they did not know anything about ORBS and
that ORBS claims the right to decide on global mail connectivity...
I'll probably have to loop 129.16.[1-254].[1-254] to verify we don't
have any host on their blacklist. Cool.
>ORBS only takes a host off the list when they get a
>notification from the host's administrator, and even
>then only when a check shows that the host is indeed
>closed for third-party relaying.
Even if I though the basic idea was good that still doesn't scale!
They'd be flooded by on/off requests. I question their motives but
even if I'm being positive they still have severe scaling problems
since they'd have their own test hosts and personal as bottleneck.
The only thing that scales is that many people share the work, e.g.
that everybody who read my list of Relays go out and talk to those
who is a customer, neighbor, colleague or friend. Agreed this isn't
at all "sexy", but it has a chance to scale (distributed procesing).
I've done exactly that here at Chalmers, I haven't got any Popularity
Award but we're much better off than a year ago (and I'm tired :-).
Those of you who cared to read this much: What have you done so far?
Please take 1h of your life and check out 5 neighbor systems. Mail
them, call them by phone. Will do magic to stop spam relaying!
> Piet