ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Last Call: 'Email Submission Between Independent Networks' to BCP - Clarification

2005-06-20 13:21:05
from [Dean Anderson] [Permanent Link] 
On Mon, 20 Jun 2005, Tony Finch wrote:


On Sun, 19 Jun 2005, Dean Anderson wrote:


Neither open relays nor lack of email authentication are
problems that are exploited by spammers.


Neither of those statements are true. I've already addressed the first.


No, you haven't addressed anything. You made an assertion that doesn't
stand up: What is probably your customers' attempts to relay externally
does not represent spammers trying to abuse open relays. This is very
likely legitimate, by legitimate users.  This doesn't make your point.

The fact that you seem to get gratification at "blocking email" and
ASSUMING it is abuse, doesn't do you, us, your customers, or anyone any
good. It doesn't show that open relays are exploited by spammers. The fact
is, open relays aren't abused by spammers.  In 9 years, no genuine
commercial operation has ever abused our relay. And we look. We don't just
look at "relay denied"  log messages and impute bad motives, as you do.  
Instead, we look at the queued messages. We try to find the company
selling something; And there hasn't been any.  We found instead that this
is abuse queued by self-described anti-spammers aka "spamops" people
trying to "teach us a lesson" about running open relays. And when they
gave up on abuse and shut their "blacklists", we had no further abuse,
either.


Regarding the second, we dealt with an incident last year where a spammer
exploited an open proxy on our network to send spam; 


An open proxy on a machine run by your customer is still your customer,
and is therefore entitled to send email.


they evaded our port 25 block by using an unauthenticated outgoing SMTP
relay.


But they were your customer, and were therefore authorized to send email.  
If you had run SMTP AUTH, they would have obtained the password, because
they can INSTALL AN OPEN PROXY ON YOUR CUSTOMERS MACHINE.  Authenticating
the relay will do nothing.  Your problem is the open proxy.  Deal with the 
problem, don't invent a solution that won't fix the problem.


This attack was easy for us to stop because they discovered the relay by
looking up our MX record; 


Funny that you should call this as an "exploit". SPF (the email
authentication du jour)  will identify your outbound relays, too.

You are arguing in circles, making my points for me.

                --Dean


-- 
Av8 Internet   Prepared to pay a premium for better service?
www.av8.net         faster, more reliable, better service
617 344 9000   



_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Last Call: 'Email Submission Between Independent Networks' to BCP, Bruce Lilly
Next by Date:  Re: Last Call: 'Email Submission Between Independent Networks' to BCP, Frank Ellermann
Previous by Thread:  Re: Last Call: 'Email Submission Between Independent Networks' to BCP - Clarification, Tony Finch
Next by Thread:  Re: Last Call: 'Email Submission Between Independent Networks' to BCP - Clarification, Nicholas Staff
Indexes:  [Date] [Thread] [Top] [All Lists]