On Wed, Mar 05, 2003 at 09:00:00AM +0700, Dr. Jeffrey Race wrote:
On Tue, 4 Mar 2003 13:17:14 -0700 (MST), Vernon Schryver wrote:
That is not right. People who operate relays may be less culpable than
the original senders of spam, but they are certainly blame worthy
and they are certainly not victims in the same class as spam targets.
The term of art is 'contributory negligence'
That is the term, but only a very few years ago open relays were
the norm, even the polite thing to do. Until people came up with
kludges like smtp-after-pop, they were even the approved way to
help your users who roamed around the network. So in the law it's
quite a leap from moving something from expected norm to negligent
in just a few years.
The draft I proposed allows open relays for those who wish to use
them, though they can't run mailing lists from them. So I suggest
it is not inherent that open mail relays must be closed.
Plus it's an interesting precedent. For example, if you run MS
Windows as found on the CD, your machine can be invaded and used
as a base for DDOS. Should you be sued over this? Should Microsoft?
What about after patches become available?
It's messy.
Anyway, the point is the open relay operators are not doing things
deliberately. They don't want to relay spam. They are spammer's
victims. If possible, we should try to help them. Forcing them
all to close is something to be done only if we have exhausted all
ways to solve the problem.
Plus there are "open" relay operators who state they have put in
throttles which stop spammers (or anybody untrusted) from sending
large volumes of mail through the relay. Yet the blacklist relay
testers don't test a large volume, they test a single message, and
blacklist the relay even though it is not practical for spammers
to use it.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg