Alan Cox wrote:
>
> Well .. it found it in October. I've yet to have a bad positive from ORBS
> (and I've been caught a few times and learned several new things about
> sendmail (including how to remove it from all my boxes)). The database
> entry for the host tells you what test it failed.
well Alan, I'd like to put my foot (partially) in my mouth and
apologize.
I looked further into the orbs.org site, checked the database as well
as
the pages specifying the different tests. and I too learned quite a
few
new things about mail issues. I went back, telnetted into port 25 on
the
server I help admin, and what do you know - as soon as I tried
anything
BUT the most basic vanilla relaying test (i used an example I had not
previously been familiar with), I was able to relay myself a message.
yeah it still had my isp's address in the headers, cuz modern mail
daemons check, but an open proxy or two would have taken care of that.
and of course from there it's trivial to write a script to
bounce off a billion wingates and send 10000 "make money FAST!"
messages
to random vict^H^H^H^Hrecipients.
back in reality tho, I really don't think there has been much if any
spam coming
out of our servers via relaying. (that is NOT to say I don't take it
seriously
that relaying can be accomplished from our servers) imho tho orbs.org
is in a
sense providing spammers with a simple shopping list; they claim this
kind of
disclosure is beneficial, but in theory it just saves the spambastards
the effort
of scanning themselves. i downloaded the 30+ list, grepped it for
entries from
december, and what do you know. first ip I tried still allows
relaying. easy
pickins.
and ultimately orbs can talk until they are blue in the face about how
they
do this for the good of us all etc etc. I'm sure every one in a
hundred times
actual spam is blocked by orbs blacklist instead of legitimate mail.
great.
but when they reach the point where they do global blacklists (their
webpage
is quite honest about the fact that whole countries are blocked by
them,
which is their fault for using 'rogue' servers orbs doesn't like), and
when
a site that doesn't like the fact that this wonderful altrustic
organization scans their servers every week 17 different ways and
blocks
them is AUTOMATICALLY blacklisted for this crime, they have
overstepped
their bounds.
that all of course is just my opinion, and if only one thing is for
certain,
this has definately reached the point of being utterly offtopic for
linux-net.
so, my apologies again.
jd
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]
