Speak of the devil,
I just got a cry for help from someone running BDSI & Sendmail 8.9 who
apparently
has someone relaying a ton of crap through their system and their ISP is
about
to dump them. Anyone know a fast way to turn it off? Thanks,
Kevin
> -----Original Message-----
> From: Eric [SMTP:[EMAIL PROTECTED]]
> Sent: Wednesday, February 02, 2000 11:41 AM
> To: [EMAIL PROTECTED]
> Subject: Re: Hey, I DON'T WANT a firewall in front of my network!
>
> Paul Gracy wrote:
> >
> > I gotta tell ya, the law seems a bit overboard.
>
> The real problem is being able to prove that a specific individual is
> behind it. I've already talked to one judge about the law and he is
> ready to throw the book at anyone brought to his court under the law
> if it can be proved that they are the culprit.
>
> > Also shows a complete lack
> > of understanding of how the Internet works (concepts: shared resources,
> > learn by doing,
>
> Are you suggesting you have to break into systems to learn about
> computing?
>
> > open mail relays are by definition available for public use,
> ^^^
> You mispelled "were". Open relays are no longer necessary for normal
> delivery of e-mail. It would be nice if you could run an open relay
> for the use of your own customers without having to worry about spammers
> hijacking the relay to send junk mail.
>
> > world readable directories and open source, anonymous ftp, etc.) Also,
> > there is a concept (though now seen by some as too conservative -
> whiners)
> > in Anglo - American jurisprudence that if there is no harm, then how
> could a
> > crime have been committed?
>
> What concept is this? Around here, they prosecute people all the time for
> crimes in which there is no harm. In 1997, they arrested and charged a
> student in Texas for using a university computer to develop a web page for
> an outside company. I personally consider that a whole lot less menacing
> than people trying to break into computers.
>
> > Also, if your system is configured properly, it
> > shouldn't cost thousands of dollars to investigate a break-in or
> break-in
> > attempt, you should get it in your email inbox in the morning.
>
> If it only takes $5 worth of time to make sure they didn't get in,
> that's enough damages to move it from a Class B Misdemeanor to the
> Class A Misdemeanor. Also, all they have to do is delete one file
> and it is no longer a Class B Misdemeanor.
>
> > Why should a
> > computer user who played with your open relay (seen by some as a putting
> a
> > swing in the front yard right next to the busy sidewalk without a fence
> or a
> > sign) be punished because your incompetence meant that it took you $5000
> to
> > figure out what happened?
>
> But if someone uses an open relay to send junk mail to thousands of
> people,
> damages will nearly always occur. The damages include
> 1) any denial of service to the owners and legitimate users of the
> machine
> 2) the value of time by the owners to deal with the resulting
> complaints,
> threats, mail bombings, ... .
> 3) the value of the service itself
> 4) the costs incurred as a result of e-mail being blocked as a result
> of the spam run
> 5) for an ISP, the potential loss of customers switching to other
> service
> providers because their e-mail cannot be delivered to some sites.
>
> Thus, using an open relay without proper authorization to send junk mail
> is
> at least a Class A Misdemeanor, probably a State Jail Felony, and
> potentially
> a Category Three (or higher) Felony. Hijacking relays is a criminal act
> and
> I'd love to see the spammers who do that go to prison as a result.
>
> To be perfectly honest, I'm not worried about someone using an open relay
> to send e-mail to their Aunt Sadie. The big problem is determining
> whether
> the relay was from a spammer, a relay test by the anti-relay contingent,
> or a simple misconfiguration by an individual.
>
> What would really be nice is if we could explicitly withdraw any and all
> permission from spammers to access your SMTP server to send spam to
> accounts
> on that machine. That would make the act of spamming anyone using that
> server at least a Class A Misdemeanor since the spammer would receive a
> benefit as a result of delivery of the spam. (Felony would be better so
> we could extradite.)
>
> Eric Johnson
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
