ietf
[Top] [All Lists]

Re: Response to complaint from Dean Anderson (fwd)

2004-06-20 20:20:21
On Fri, 18 Jun 2004, Stephen Sprunk wrote:

Thus spake "David Kessens" <david(_dot_)kessens(_at_)nokia(_dot_)com>
On Fri, Jun 18, 2004 at 07:28:40PM -0500, Stephen Sprunk wrote:
While I disagree with Dean in general and also with most of his current
argument, I think it is a reasonable request that IETF "officials" be
given
an @ietf.org email alias and that those aliases be published for use in
situations such as this.

I like this idea (for other reasons) but I am not sure whether this
really addresses this particular problem:

Dean's problem is that he sends mail from an open relay, which isc.org's
servers block completely (with good reason, sorry Dean).  

Stephen, thanks, but you have some of your facts wrong.  Neither ISC nor
SORBS blocks us because of our relays, nor is the blocking limited to our
open relays.  And in fact, the relay used (cirrus.av8.net) is not an open
relay, but in fact is an SSL/SMTP AUTH relay*.  Rather, ISC/SORBS block
__ALL__ of our IP address space (that is, a full /16 and a full /21),
because they claim this IP address space is "hijacked/disused".  This
includes all of our customers.

In fact, like ORBS before it, SORBS also isn't a __spam__ blacklist. Its a
"personal"  blacklist of sites that Alan Brown, Matthew Sullivan, and Paul
Vixie and their associates just don't like. It is completely
innappropriate for the IETF or its staff to associate with or use such a
list for IETF business.

[* Yes there are still reasons to run open relays---Indeed, our SMTP AUTH
relay is the least used: a commercial failure, really, but I use Pine
which is one of the few clients that can support SMTP AUTH.  SMTP AUTH has
done nothing to block spam, anyone can sign up. Open/Closed, doesn't
matter. Unless you can't do SMTP AUTH, then it matters. Thousands of
software packages don't do SMTP AUTH, and millions of users who want to
outsource parts of their email system or services.  There is a large
market for open relay services and none of it is spam. ]

The address space in question has been in continuous use since 1989
(130.105/16) and since 1993 (198.3.136/21).  I am the authorized contact
for this space, and the entities or their successors to which the IP
address blocks were originally assigned are still in existance. If our use
of these blocks was without permission, they are able to complain.  These
public facts are easilly found by anyone interested in them.

Examination of the ARIN information demonstrates the false nature of
the claims by Vixie, Brown, and Sullivan:


OrgName:    AV8 Internet, Inc 
OrgID:      AV8IN
Address:    P.O. Box 7286
City:       Nashua
StateProv:  NH
PostalCode: 03060
Country:    US

NetRange:   198.3.136.0 - 198.3.143.255 
CIDR:       198.3.136.0/21 
NetName:    AV8IN-NET-1
NetHandle:  NET-198-3-136-0-1
Parent:     NET-198-3-0-0-1
NetType:    Reassigned
Comment:    
RegDate:    2003-07-30
Updated:    2004-02-23

OrgTechHandle: DA31-ARIN
OrgTechName:   Anderson, Dean A.
OrgTechPhone:  +1-617-344-9000
OrgTechEmail:  dean(_at_)av8(_dot_)com

# ARIN WHOIS database, last updated 2004-06-19 19:10
# Enter ? for additional hints on searching ARIN's WHOIS databas


OrgName:    Open Software Foundation 
OrgID:      OSF
Address:    P.O. Box 7286
City:       Nashua
StateProv:  NH
PostalCode: 03060
Country:    US

NetRange:   130.105.0.0 - 130.105.255.255 
CIDR:       130.105.0.0/16 
NetName:    OSF
NetHandle:  NET-130-105-0-0-1
Parent:     NET-130-0-0-0-0
NetType:    Direct Allocation
NameServer: STARSHIP.AV8.COM
NameServer: CONCORDE.AV8.COM
Comment:    
RegDate:    1988-07-20
Updated:    1998-12-21

TechHandle: DA31-ARIN
TechName:   Anderson, Dean A.
TechPhone:  +1-617-344-9000
TechEmail:  dean(_at_)av8(_dot_)com 



Mr Sullivan claims that if we do not reveal our relationships and
contracts with these entities, then we haven't "proved" our rights to use
the address space. Of course, that is nonsense.  Others have made
similarly absurd claims such as 'IP address space is a government grant
that can only be used for non-profit purposes' (Kai Schlichting made this
claim in a generally defamatory letter he sent to the OSF/The Open Group,
whose attorney forwarded it to me)

The false claims by ISC/SORBS is not a matter of blocking spam.  It
doesn't have anything whatsoever to do with blocking spam.  ISC/SORBS
falsely asserts that IP address space is "hijacked/disused".  This is a
bald lie, first promoted by Alan Brown, who you might recall once used his
ORBS blacklist to block ISPs that had nothing to do with spam, for reasons
that had nothing to do with spam: just because he didn't like those ISPs.
Brown then lost 3 separate lawsuits involving defamation and false
statements, and ultimately appears to have lost his business to pay the
consequent damages. When Brown's own subscribers complained, he said it
was a "personal" blacklist and had no particular standards.  Brown was
pretty thoroughly discredited but this does not appear to have deterred
Sullivan and Vixie from associating with him.  Brown and his associates
Paul Vixie and Matthew Sullivan have continued to promote and support
defamation of ISPs they don't like, just like ORBS did previously. None of
the 3 cases Brown lost had anything to do with spam.  Similarly, this has
nothing to do with spam.

ISC/SORBS (Brown, Vixie, and Sullivan) are not claiming that we are
spammers: They are falsely claiming that our address space is
"hijacked/disused".  Vixie and I have conflicts that predate spam, and
goes back at least to Namedroppers in the late 1980's and the issue of HS
class Root servers.  More recently, I've worked (with others of course) to
prevent several frivolous changes to the DNS protocol that Mr. Vixie
supported, and which would have benefited products and companies he has a
financial interest in.  Indeed, the current dispute arose out of
complaints about improper activity by Mr.  Austein as WG co-chair with
respect to one of those proposals. That complaint, originally and
appropriately made off-list, was rejected by Mr. Austein's ISC.ORG email
system, run by Mr. Vixie.

ISC's harrassment by computer is not the only issue. There are also the
matters of on-list disparagement by Mr.  Bush and Mr. Vixie, and of course
Mr. Alvestrand has recently made his own original false and misleading
statements implying there is somehow incorrect ownership information and
that somehow I have made some request of him to change that. I haven't
made any such request. If there is any trivially incorrect information, it
does not support the assertion that the space is "hijacked/disused".

We cannot ignore these acts by and through the IETF.  We have business
with the IETF, and have a stake in the engineering of the Internet.  We
cannot allow persons at the IETF (either employees, staff or participants)
to defame or disparage Av8 or myself to others or to Av8 Customers who
might participate in the IETF.  We certainly cannot allow the IETF process
to be inappropriately manipulated by ISC or Paul Vixie or others to their
financial advantage.


For your reference, I'll summarize the salient events regarding SORBS and 
ISC's harrassment by computer:

Brown, Sullivan, and Vixie originally claimed that the OSF no longer
existed, but withdrew that claim after I contacted Sullivan directly last
year. They refuse to withdraw the rest of their false claims, apparently
seeking to draw me into a lawsuit with Mr. Sullivan Unlike Mr. Brown
(previously) and Mr. Vixie (currently), Mr. Sullivan has no company or
assets to pay damages. But this is consistent with a plan of action posted
on Spam-l after MAPS lost in Exactis V. MAPS.

SORBS has been booted from other ISPs for violating AUP rules which
prohibit defamation and other bad conduct.  Despite their bad conduct,
Vixie then provided them with hosting services at ISC, and has refused to
accept abuse reports, which is both ironic and hypocritical.  100% of the
sites we've contacted have stopped using SORBS altogether when they
examine the false claims made by SORBS.  It seems that few or no reputable
people or companies want to associate with this organization after finding
out what it is up to.  Strangely, the ISC and the IETF are the rare
exceptions.


Some have attempted to describe this as simply a "false positive" that is
an unfortunate, but unpreventable event. This is a false claim.  There are
plenty of anti-spam methods out that do not harrass Av8 Internet, or make
false claims.  Many (if not most) people have given up altogether on
IP-based blocking.  Indeed, given that most spam/abuse comes from
virus-infected computers on DHCP connections that force them to change IPs
every few hours, it seems impossible that IP-based blocking could be
effective unless the blacklist had some advance knowledge of the IPs to be
used. And of course, advance knowledge is impossible unless the blacklist
is the abuser.  So, if you find an effective IP-based blacklist, well,
you've found something very interesting.

There are many anti-spam tools that do not engage in defamation and false
claims.  Judging by the relative absence of complaints by our users, it
seems that SORBS is a very little used list, and that like ORBS before it,
its purpose is nothing other than defamation and disparagement. Outside of
ISC's harrassment on the IETF lists, we have very little problem with
SORBS use, and 100% of the sites that we've run into using SORBS (outside
of ISC and the IETF) have quit using SORBS altogether after we've
contacted them.  As I pointed out previously, SORBS isn't an anti-spam
list at all, but a "personal" blacklist created by Sullivan, Brown, Vixie,
and their associates.

You may be wondering why SORBS is claiming our address space is
"hijacked/disused", instead of claiming it as open relay. I wondered that,
too. I don't know the answer, and ISC/SORBS/Sullivan/Vixie aren't saying.  
But I think its because they already lost the "is it legal to block open
relays?" argument. We have gone into legal dispute with a couple large
ISPs whose abuse admins threatened to block our relays, and who claimed
that open relays somehow send spam. The admins described __anonymous__
relays.  When we corrected that description, and explained the difference
between an open relay and an anonymous relay, their lawyer reversed the
admin and promised not to block our relays[**].  There is nothing abusive
or unlawful about open relays.

[** It is an interesting footnote that in one case, the admin who lost on
the open relay question posted messages to an ISP list saying that we had
hijacked space.  While he has a relationship to Vixie and Sullivan through
Nanog, his post was after SORBS began their listing. It is unclear how he
learned of the listing, since it wasn't discussed on Nanog or Spam-l ]


The ISC/SORBS issue has nothing whatsoever to do with open relays.


But even if it did have something to do open relays, there is still no
reason to block our relays: There is no spam coming from our relays, in
comparison to other ISP relays. They are policed far better than most
ISP's closed relays.  We respond far faster and far more responsibily than
say, Bill Manning did with complaints about ISC's hosting of an abuse site
(http://www.iadl.org/bm/bill-manning-story.html)  Manning _still_ claims
that "we can't prove any relationship between EP.NET and ISC.ORG", despite
their long and well-known history in operating PAIX.

Please also be aware that an open relay is not an __anonymous__ relay.  

I might agree that there is no reason or little reason to run anonymous
relays. Av8 does not run anonymous relays.  However, many anti-spam
radicals cannot make the distinction between anonymous relays and open
relays. I don't know whether this is due to lack of intelligence or if
they just intentionally mislead people (their attorneys and management)  
about the difference.  

However, making it about open relays makes no difference. Blocking our
open relays through particpation in an unlawful group boycott is still
unlawful for the IETF and its staff, (see
http://info.av8.net/spamstuff/vix-spam-abatement-ietf.html)  Defaming and
disparaging Av8 Internet by the IETF, its staff or its participants is
also unlawful.  But it isn't about open relays, its about falsely claiming
that IP Address space is "hijacked/disused"


Dean Anderson
Av8 Internet, Inc







_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf