At 12:06 PM -0700 3/20/02, Cerebus the Ardvark imposed structure on a stream of electrons, yielding: >At 13:52 3/20/2002 -0500, Paul List Hess wrote: >>I received an official court notice this afternoon to turn over all >>information relation to ORBZ accounts. This came from the 10th >>Judicial District court of theState of Michigan. It appears that >>ORBZ may be facing criminal charges for denial of service relating >>to the Lotus Domino issue. > >This simply has to stop. I am so sick of corporations making law >with the force of their money. The claim is absurd on it's face >since ORBZ has never ever ever ever blocked a single message from >anyone to anyone. Ever.
That's not the issue. See Declan McCullagh's piece at wired.com. ORBZ used tests that they knew in August would crash some Lotus servers. They kept running those tests and crashed the server of the City of Battle Creek, MI. FWIW, I think it would be right and proper for Ian Gulliver of ORBZ to spend a few weeks in the Battle Creek jail for this. There are all sorts of other people whose failings made this event possible, but what ORBZ (and anyone else doing aggressive relay testing without good cause) was doing was arguably criminal even before it took down a government system. I have nothing against blacklists. I have a big problem with people that thinkm they have a right to test machines just because they are there. >But, he with the most money wins. Period. Meanwhile, everyone has >to be abused by vile miscreants who abuse our systems. Oh Joy. > >What is needed, I think, is a concerted Spam campaign on behalf of >some of these corporations. Send out millions and millions of ads >for Lotus or Disney or Senator Foobar until people are SCREAMING for >it to stop. Course, it wouldn't work. Oh wait, I know, PORN ads on >behlaf of Senator Foobar! :) To be totally clear: this is a criminal case about a criminal act which took down a machine *because it was not* an open relay. The bug is in how Lotus mail software (everything from cc:Mail to Domino 5) handles bouncing relay attempts that are constructed to look like they come from bad local addresses. >Maybe we need a whitelist server instead? Listing hosts that are >NOT spammers and then we can check the list and reject any messages >that doesn't pass the test. It is unlikely that sites of any real scale could reasonably use any such shared whitelist that would be feasible to operate. -- Bill Cole [EMAIL PROTECTED] ############################################################# This message is sent to you because you are subscribed to the mailing list <[EMAIL PROTECTED]>. To unsubscribe, E-mail to: <[EMAIL PROTECTED]> To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]> To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]> Send administrative queries to <[EMAIL PROTECTED]>
