ARIN whois

These are coming from Mass, Cleveland, Ohio, and Virginia.

We use our relays for legitimate business purposes. They are not "accidentally left open". We are not going to close them. We are going to pursue abusers civilly and criminally. The FBI assures me that it does not matter criminally that access comes from international sources.

Much of the activity appears to be coming from alleged ANTI-SPAMMERs such as Chris Neill, and Alan Brown and Ron Guillemette who have been inciting attacks against us, posting to alt.2600 and advertising our service. Inciting criminal acts is a criminal act too, I'm pretty sure. We make sure to mention them prominently.

    --Dean

Around 11:18 PM 11/21/1999 -0500, rumor has it that Kai Schlichting said:

Dean, perhaps I am not fully understanding your logic behind not closing
your relays. I have been a systems administrator for 4 years and I have
not ever found an application where I needed to leave my SMTP relays open
to the world. I do not doubt that you have legitimate business purposes
in mind when opening your relay, but at some point you must decide that
legal action will be too slow to fix anything and that it might be a good
time to close your relays to alleviate other problems. Simply saying "I
shouldn't need locks on my doors because everyone should be honest and
never come into my house without my permission," doesn't cut it in this
world, and I am quite sure that you have locks on every portal to your
house, so why should your SMTP server be any different? Taking such a
stance and refusing to close your relays is simply a foolish decision.

Closing mail relays isn't very hard, and qmail and sendmail (and probably
the handful of NT mailers) both have ways of implementing a
POP3-before-SMTP system so you can "allow" relaying from anywhere on the
planet without having to worry about abusers (as long as the abusers don't
have the login information for a POP box). I suggest that you investigate
implementing POP-before-SMTP if you wish to leave your relays open to
everyone, as well as setting up RBL support on your server; in the end it
helps everyone by stopping one more potential spam outlet.

-Robert Gash

PS- and don't think that just having "private" IPs that are publicly
accessible to the net will stop anything. I use a cablemodem at home and
we have co-located equipment where I work, and it is constantly being
scanned for open vulnerabilities (including open SMTP relays, so you can
rest assured that someone will find you out sooner or later).

What "legitimate business purposes" necessitate leaving SMTP relays open
to the world? While I think spammers shouldn't be spamming, I think
you'd find it better to do what you can to stop them from spamming via
means you control, i.e. your servers, as opposed to going through the
FBI.

The FBI has recently stated that their computer crimes people are entirely
overworked and way behind. So, while they will look into the matter, my
previous experience with the FBI and computer crime shows a decided lack
of interest in crimes that don't involve a high dollar figure for damages
or stolen goods/services except for the purposes of profiling attacks and
doing trend analysis. Unless you're looking at a six figure loss, you
probably won't get far.

Your best bet is to find a solution to restrict access to your relays.

No offense to all, but you are ALL wasting your time trying to convince Dean through logic on this topic. We've all been round and round the same discussions on the anti-spam mailing lists, and Dean continues to insist that he MUST run open relays.

Dean appears to be completely impervious to logic, so don't waste your time sending it his way. :)

D

Most of us have procmailed Dean to /dev/null ages ago...

-Dan

Marvellous! We've got a load of customers who seem to refuse to use
their ISP's relays when sending mail, and because we're a hosting
company and not an IAP we obviously can't let them use ours without
jumping through hoops (a la pop3/smtp, or constructing an ACL of
every ISP they might happen to use...erm...yeh, maybe I won't do
that then).

Dean, can I have a list of your open relays? We'll whack in an RR that
suggests they're ours (not in the headers, of course), and point our
customers at those! You're a lifesaver!

Dean,

Have you considered that, while your stand may be legally correct, it is
ethically questionable? By leaving your relays open, you invite abuse and
facilitate the theft of other networks' resources. I can not imagine what
legitimate purpose you might have for such a practice. Perhaps the most
disturbing aspect of this is your steady beat on the drum of law and
order, combined with your strange zeal to block out IP addresses from a
large block of law abiding folks.

I can only wish you luck in your endeavour to have Federal law enforcement
officials deliver warrants on international spammers. Clearly, those folks
don't have enough to do, and need the extra work.

- Daniel Golding

I'm really curious now: What, pray tell, are the "legitimate business
purposes" that *necessitate* the use of open relays? I'm an ISP admin
myself, and while it is certainly possible that I am missing something, the
longer this thread goes on, the more I doubt it.

Why don't you enlighten us and end this forever?

Also: "The FBI assures me that it does not matter criminally that access
comes from international sources." Not criminally, maybe, to the extent
that what they are doing is still criminal, but it makes a hell of a
*practical* difference, as somebody else already pointed out.

- Steve

A point that Dean makes here is pretty valid. Last year MHSC tried to run a
third-party secure email service, using sendmail. The only way to do that is
to allow relaying. The nimrods, that are about closing down all mail relays,
absolutely ignore valid business uses for the relays. They don't understand
that someone might want to use a different SMTP server, than the one their
ISP uses, in order to send to someone in the WEB, FTN, VPN, or PER TLDs.
That sort of gateway MUST allow relays in order to function.

I know Ron Guillimette from my daze on the anti-spam lists. Not only is he
rabid, but he lacks a lot of sense. He's an "ends justify means" type.

You have just explained why you are a SysAdmin and not a business operator.
The issue is not that closing them is difficult. The issue is that it will
ALSO close down a legitimate business.

What "legitimate business purposes" necessitate leaving SMTP
relays open
to the world?

How about running a commercial email gateway? How about commercial anonymous
re-mailers?

A point that Dean makes here is pretty valid.

  No, he doesn't, and attempting to legitimize it only does
  a disservice to anyone with a clue.

  NOTE: Do NOT EVER run an open relay on the Internet
        

Last year MHSC tried to run a third-party secure email service,
using sendmail. The only way to do that is to allow relaying.

  Ah, so you're one of those people who run open relays. Sorry;
  time to get a job where you're not about loosing filth on the net.

The nimrods, that are about closing down all mail relays,

  Nimrod? *laugh* "That word, I do not think it means what
  you think it means." http://www.m-w.com. quote - tpb

That sort of gateway MUST allow relays in order to function.

  Well, I'm afraid to get on my soapbox about clueless people
  who get promoted to sysadmin positions. Unfortunately staying
  silent and letting "nimrods" (means "mighty hunter") like you do
  damage by mis-informing real sysadmins about open relays is bad.

  Open relays unacceptable, and technically unnecessary.
  Closed relays fine. Learn to use filters, my dictionary-challenged
  friend.

I know Ron Guillimette from my daze on the anti-spam lists. Not only is he
rabid, but he lacks a lot of sense. He's an "ends justify means" type.

  Um. Dude. That's entirely what your comment on open relays
  is. If the ends don't justify the means, then your bad business
  sense and poor technical skills DON'T justify open relays.

  Cheers,

  Ehud

  p.s. Don't send me any more private mail telling me how bright
       dean is.

> What "legitimate business purposes" necessitate leaving SMTP
> relays open
> to the world?

How about running a commercial email gateway?

Let's try another analogy set, i.e. you run a gas station.

open-relay:
  You give out free fuel to whoever turns up in a vehicle capable of
  accepting fuel from your bowser.

pop-before-smtp authentication:
  You require a valid corporate fleet card before handing out fuel.

full-anti-relay:
  You require payment before letting them near the bowser.

trusted-hosts or IP-based access lists:
  If their numberplate is in a certain range, give them free fuel.

How about commercial anonymous re-mailers?

Ah, this would be:

  You give out free fuel on sighting, but not verifying, a corporate
  fleet card, and give them a new car.
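
The relay policies compared in this thread (open relay, IP-based access lists, POP-before-SMTP, no relaying) all come down to one decision made when the client names a recipient. The sketch below is an added example, not code from any poster or from sendmail or qmail; the `RelayPolicy` class, the domains, the network range and the 30-minute window are assumptions chosen for illustration.

```python
import ipaddress

# All values below are constructed for illustration.
LOCAL_DOMAINS = {"example.net"}                         # domains hosted here
TRUSTED_NETS = [ipaddress.ip_network("192.0.2.0/24")]   # static IP access list
POP_WINDOW = 1800   # seconds a POP3 login keeps relaying open (assumed value)

class RelayPolicy:
    """Decide at RCPT TO time whether to accept a recipient."""

    def __init__(self, mode):
        if mode not in ("open", "closed", "acl", "pop-before-smtp"):
            raise ValueError(mode)
        self.mode = mode
        self.pop_seen = {}   # client IP -> timestamp of last good POP3 login

    def record_pop_login(self, client_ip, now):
        # Called by the POP3 side after a successful USER/PASS.
        self.pop_seen[client_ip] = now

    def allow(self, client_ip, rcpt, now):
        domain = rcpt.rsplit("@", 1)[-1].lower()
        if domain in LOCAL_DOMAINS:
            return True      # final delivery for a hosted domain, not relaying
        if self.mode == "open":
            return True      # anyone may relay anywhere: the setup under debate
        if self.mode == "closed":
            return False     # no relaying for anyone
        addr = ipaddress.ip_address(client_ip)
        if any(addr in net for net in TRUSTED_NETS):
            return True      # IP-based access list
        if self.mode == "pop-before-smtp":
            seen = self.pop_seen.get(client_ip)
            # Roaming user: relay only within the window after a POP3 login.
            return seen is not None and 0 <= now - seen <= POP_WINDOW
        return False

def demo():
    roaming, rcpt = "203.0.113.9", "someone@elsewhere.example"
    policy = RelayPolicy("pop-before-smtp")
    before = policy.allow(roaming, rcpt, now=1000)
    policy.record_pop_login(roaming, now=1000)
    during = policy.allow(roaming, rcpt, now=1500)
    expired = policy.allow(roaming, rcpt, now=1000 + POP_WINDOW + 1)
    return before, during, expired

if __name__ == "__main__":
    print(demo())
```

Mail addressed to a hosted domain is accepted in every mode, which is why closing relaying does not stop inbound delivery for customers' domains.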

The key problem we've run into is that while customers may have a
domain hosted with us, they're dialling up to a third party ISP.
Normally we'd tell them 'set your email program up to send mail as
you@your.domain', but some ISPs (most notably the free ones) seem to
only permit mail to go out through their relays if the mail comes from
username@their.isp.

Of course, we simply tell them to sign up to an ISP that doesn't
restrict them in every possible way, but there are a few who are
rather anti-this (most notably those on AOL).

I'd love to be able to run open relays for these users, to let them
send mail out with their own domain on the From: header. The net's not
the same place it was even 5 years ago, though, and we just can't
leave ourselves vulnerable like that.

Ain't progress marvellous?

Analogies never prove anything. Let's get our hands on the real thing
instead. Show me another way to run a third-party e-mail gateway that
doesn't require a smart relay somewhere. Oh yeah, do it with sendmail.

This is exactly the issue and the rabid anti-spammers ignore the fact that
most smaller IAPs do NOT run a good mail service and many don't want to.
They are denying legitimate service, to legitimate users, whilst attacking a
legitimate business, because they don't want to understand anything outside
of their little parochial world. Some call that ignorance. BTW, I nuke
spammers on sight.

The real answer is putting an authentication layer into SMTP.

I have no idea what all this drivel has to do with ARIN whois, but there
is no such thing as "WEB, FTN, VPN, or PER TLDs."

And we have not yet heard of a "valid business reason". Proof by assertion
is not sufficient.

"Roeland M.J. Meyer" wrote:

A point that Dean makes here is pretty valid. Last year MHSC tried to run a
third-party secure email service, using sendmail. The only way to do that is
to allow relaying. The nimrods, that are about closing down all mail relays,
absolutely ignore valid business uses for the relays. They don't understand
that someone might want to use a different SMTP server, than the one their
ISP uses, in order to send to someone in the WEB, FTN, VPN, or PER TLDs.
That sort of gateway MUST allow relays in order to function.

WSimpson@UMich.edu
    Key fingerprint = 17 40 5E 67 15 6F 31 26 DD 0D B9 9B 6A 15 2C 32

Yet another example of narrow-mindedness. All of those TLDs exist, unless
you like denying reality. Just because *you* can't get to them doesn't mean
that others can't. This is the very reason that smart-relay exists, as a
feature in sendmail.

WEB is operated by IO Design
FTN is FidoNet Technology Network aka FidoNet, SurvNet, EggNet, etc.
VPN is operated by MHSC.NET
PER is operated by Iperdome.

While we're at it, there is BOX, which is operated by DSO.NET

I'll even let you use NS2.MHSC.NET to get to them, for free.

see <http://www.dnso.net>

BTW, who died and left you God of Business plans?

If you protect yourself from open relays too hard, you really protect yourself
from the useful mail. It's reality.

The best way to stop the SPAM is to turn your computer off. There are many
reasons why someone holds an open relay; while this relay doesn't send you spam, it's
not your business... many providers simply filter open relay detectors out (such
as ODBS); moreover, an attempt to use these _crazy_ (active) lists results in the
loss of e-mail and can't be used by the serious companies.

> Sent: Tuesday, November 23, 1999 6:34 AM
> To: nanog@merit.edu
> Subject: Re: ARIN whois
>
>
>
> I have no idea what all this drivel has to do with ARIN whois, but there
> is no such thing as "WEB, FTN, VPN, or PER TLDs."
>
> And we have not yet heard of a "valid business reason". Proof by assertion
> is not sufficient.
>
> "Roeland M.J. Meyer" wrote:
> >
> > A point that Dean makes here is pretty valid. Last year MHSC tried to run a
> > third-party secure email service, using sendmail. The only way to do that is
> > to allow relaying. The nimrods, that are about closing down all mail relays,
> > absolutely ignore valid business uses for the relays. They don't understand
> > that someone might want to use a different SMTP server, than the one their
> > ISP uses, in order to send to someone in the WEB, FTN, VPN, or PER TLDs.
> > That sort of gateway MUST allow relays in order to function.
> >
>
> WSimpson@UMich.edu
> Key fingerprint = 17 40 5E 67 15 6F 31 26 DD 0D B9 9B 6A 15 2C 32
>

Aleksei Roudnev,
(+1 415) 585-3489 /San Francisco CA/

A point that Dean makes here is pretty valid. Last year MHSC tried to run a
third-party secure email service, using sendmail. The only way to do that is
to allow relaying. The nimrods, that are about closing down all mail relays,
absolutely ignore valid business uses for the relays. They don't understand
that someone might want to use a different SMTP server, than the one their
ISP uses, in order to send to someone in the WEB, FTN, VPN, or PER TLDs.
That sort of gateway MUST allow relays in order to function.

  A couple years ago I might have agreed with you. Right now,
  today, November 23 in the year of somebody's lord 1999, there
  is no excuse for leaving your relays open to the world. We
  have the technology to authenticate. Use it.

I know Ron Guillimette from my daze on the anti-spam lists. Not only is he
rabid, but he lacks a lot of sense. He's an "ends justify means" type.

  Ron does not represent the whole of the anti-spam community,
  or even just the folks who want open relays closed so that
  spammers stop getting a free ride. He's on his own trip.

---------========== J.D. Falk <jdfalk@cybernothing.org> =========---------
  > "Welcome to my nightmare |
  > Its the one in which I always press the button." |
  > -Roy Harper |
----========== http://www.cybernothing.org/jdfalk/home.html ==========----