ORBs doesn't tell anyone they can or can not do anything. They list open
relays.
On the filtering... ORBS can't be used for filtering of traffic at a router
level. Period. MAPS RBL can be subscribed to at a router level (using
BGP4) to block all traffic to and from a site. The only way to get into the
RBL is to be heavily spam friendly, ignore e-mails and voice conversation,
and thumb your noses at them.
As for earthlink filtering port 25, that has nothing to do with ORBS.
A lot of large dialup providers resell their dialup servers to other
entities (UUnet being the largest and most well known (AOL uses them, as
does MSN)).
So, an abuse report about spam goes to [EMAIL PROTECTED], who figures out what
one of their wholesale customers was using that IP address, and they then
hand it off to that companies abuse department. And it takes forever... and
the person signs up with a new $19.95 account with another reseller (if not
the same) and they are back in business.
ISPs filter port 25 to prevent relay rape of mail servers. When you were an
open relay for the outside world, wouldn't it have been nice not to have to
worry about a few million people being able to use your server and still
your resources? That's what the port 25 filtering is for.
If you dial-in to earthlink's network, you should use their SMTP server.
The port 25 filtering keeps spammers from being able to hide their tracks as
easily. It's a good thing.
Now, you have some emotional baggage about ORBS, and that's understandable.
But here's another way to think about it...
When your mail server is listed in the black lists, your mail servers are
now *much* less valueable to spammers. Why waste a spam run when you
realize only 1 to 2% of people are going to reply, and you are greatly
narrowing that 1 or 2% by using a listed server? That means your mail
server, which is an open relay, is now less likely to be abused.
I talked with one Lotus admin who said that the system generates a status
report for every 4k messages. When his box was an open relay, it was
generating one of those messages every five minutes. Ouch.
ORBS isn't the problem. Spammers are. You think ORBS interferes with the
operation of your servers... imagine a few hundred spammers relaying through
it.
Also, what about the systems that are taking a beating because of the spam
coming from open servers? You talk about how busy you are and how this is
another thing you shouldn't have to worry about. Most sysadmins are the
same way. "Hrmm... Look at this, few hundred pieces of spam coming from
this mail server... placed in the local kill file. Done.." Do you think
that sysadmin is going to come back to his local kill file after the spam
subsides and test the mail server to make sure it's not an open relay?
Nope, probably not. As far as that sysadmin is concerned, that's your
problem... you were the open relay.
So know, you as the admin of your mail server, have to contact all these
*individual* domains that you deal with and get out of their local kill
files. Not fun, takes longer, etc.
Note: I don't work for ORBS. I don't use the ORBS list directly to block
spam. What I said holds true for MAPS too. I always find it curious when
people blast ORBS or MAPS... you are shooting the messenger, not the person
who is abusing and hacking your server, stealing your bandwidth, thrashing
your DISK subsystem, and tarnishing your reputation with people smart enough
to read headers.
----- Original Message -----
From: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, February 09, 2001 2:42 PM
Subject: RE: [IMail Forum] ORBS problems
>
> What's wrong with ORBs? Let me tell you a story.
>
> Before we switched to Imail, we were running NTMail, and yes, some of our
> domains were
> listed. This is because the version of NTMail we were running couldn't
> effectively
> *not* relay, and to upgrade to a version that could? 8 grand.
>
> So all of a sudden customers who don't dial up through us can't send mail
> through their
> mail servers; no warning, no explanation. We later found out that
Earthlink
> (their dialup
> provider) was using ORBs to block port 25 on their routers. oops. This
> costed us a few
> customers before we figured it out. We looked all the wrong places, simply
> because no one
> bothered to tell us we were listed, and Earthlink was certainly no help.
>
> Beyond what they've done to us directly, I have some fundamental rights
> issues with them:
> 1. Who are they to tell me if I can relay or not? Of course, we don't, but
> that isn't the point. There
> are legitimate reasons to do it, and as the story above illustrated, that
> can have a very real
> effect on other parts of our business. In short, it has a chilling effect.
>
> 2. ORBs subscribers use the list in ways they may not have intended.
> Earthlink uses it to block
> all traffic from a "relay" site.
>
> 3. ORBs incorrectly listed one of our IPs as an open relay, when it was
not.
> Further, there was
> no notice that the address was listed, and certainly no warning that "we
> will list you if you
> don't turn of relaying". At the very least, affected parties should be
given
> warning and an
> opportunity to correct if they so chose, or tell them kiss off if they so
> choose.
>
> 4. Now we have to proactively track if any of our blocks are listed so we
> don't get blindsided again.
> One more daily task we should not have to do.
>
> I guess it just comes down to that I don't appreciate yet another entity
> telling me what
> I can and cannot do.
>
> *rant ends*
>
> Jon
>
>
>
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Scott Perry
> Sent: Friday, February 09, 2001 7:13 AM
> To: [EMAIL PROTECTED]
> Subject: RE: [IMail Forum] ORBS problems
>
>
> >Orbs blows.
> >ORBS are Net Nazis
>
> Let me guess, you people are listed on ORBS? Just close your relay, and
you
> will get off.
>
> FYI, as far as I know, ORBS was NOT designed as a system to DELETE or
BLOCK
> E-mail from open relays. It was designed to LET PEOPLE KNOW that open
> relays exist. They are simply trying to stop open relays.
>
> What is the problem with, for example, adding a header to an E-mail that
> says "[This E-mail came from an open relay in ORBS]"? That way, the user
> can decide what they want to do with the E-mail. And, the amount of spam
> YOU receive will go down, because more people will close their relays,
> giving spammers fewer places to spew.
>
> The main reason people complain about ORBS so much is because they are
> listed in it. If you are listed in it, you are inviting spammers to abuse
> your mail server, and you need to fix it.
>
> Remember, ORBS also has a number of different databases. I have *NEVER*
> heard anyone complain about their "Spam Source" database, for example,
that
> ONLY lists known spam sources.
>
> ORBS isn't bad; the people who abuse it (by deleting E-mail coming from
IPs
> listed in ORBS) are. Just use ORBS in a way that lets the END USER decide
> how to handle the E-mail.
>
>
> --
> -Scott
>
> Declude: Anti-virus and Anti-spam solutions for IMail.
> http://www.declude.com
> --
>
> Please visit http://www.ipswitch.com/support/mailing-lists.html
> to be removed from this list.
>
> An Archive of this list is available at:
> http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
>
>
> Please visit http://www.ipswitch.com/support/mailing-lists.html
> to be removed from this list.
>
> An Archive of this list is available at:
> http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
>
Please visit http://www.ipswitch.com/support/mailing-lists.html
to be removed from this list.
An Archive of this list is available at:
http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
