<<< Chronological >>> Author Index    Subject Index <<< Threads >>>

Re: Administrative Overheads Arising from UCE


> > a) The *original* procedure was an automated search for open
> >    relays, but this was later changed to verification of reports
> >    about open relays; that's still the procedure.
> > b) It's not ORBS's responsibility to verify that relays are no
> >    longer open: that's for the full 100% the responsibility of
> >    the administrators of that host.
> > c) Anyone is free to use or not use ORBS. 
> 
> there are a few problems with ORBS:
> 
> - they do NOT warn responsible people about the fact they are now blacklisted
> - they do not take into account any signal/noise rationale
>   (can you really expect a very busy server never to pass anything
>    somebody might object to ?)
>   (zero tolerance is something for the law, not for the technical
>    implementation IMHO)
> - they seem have a very bad open relay test,
>   even very well protected servers end op on it.
> - they do not remove a blacklisted site after a given amount of time
> - they are rather obscure, even this lists readers don;t seem to know
>   all where to find them.

The most annoying thing is that you as an ISP get blacklisted when one of
your downstream users has an open relay. Im talking dialup users on a 28k
link, that have something like mailtraq installed, and uses you as a 
mailgateway. We have these all the time, and every time we have to follow
up on it, taking a lot of time (and thus money). ORBS doesnt just blacklist
the user, they blacklist us. 

ORBS doesnt take into account dialup ISPs with tens of thousands of users.
And whats this about being free to use ORBS or not. I dont see anything on
the ORBS website about being free to be on ORBS or not :)

Cor

ps: Ive complained to mailtraq more than once for making a product that
    relays by default. 




<<< Chronological >>> Author    Subject <<< Threads >>>