Re: [Exim] Filtering by subject

Pàgina inicial
Delete this message
Reply to this message
Autor: Phil Pennock
Data:  
A: exim-users
Assumpte: Re: [Exim] Filtering by subject
Typing away merrily, michael@??? produced the immortal words:
> ORBS does not list domains. They list *IPs* for exactly two reasons:
>
> o They can verify the IP to be an open relay
> o There are known open relays, but the network blocks the ORBS tester


Anything I know about ORBS is third-hand knowledge, but as part of a
recent thread on NANOG, where your second point was mentioned, it was
corrected as a mistaken belief which has resulted in a number of sites
(arguably inappropriately) using the ORBS data to block netblocks in
less-than-desirable circumstances. The second category just means
'untested'.

<http://www.merit.edu/mail.archives/nanog/msg03397.html>
(extracts below)

<http://www.merit.edu/mail.archives/nanog/msg03429.html>

-----------------------------< cut here >-------------------------------
From: Peter van Dijk <petervd@???>
Subject: Re: RBL-type BGP service for known rogue networks?
To: nanog@???
Date: Sat, 8 Jul 2000 19:15:12 +0200
Message-ID: <20000708191512.J16030@???>

[ snip some quoted text -phil ]

Let me explain some things:
- ORBS does not blackhole. It lists hosts and sometimes complete netblocks.
$administrator can then choose to take any action (or not!) based on
these listings.
- ORBS lists hosts in several categories. One is 'open relay inputs'.
Another is 'open relay outputs' (most open relays will be both). Yet
another is 'untested/untestable'. Hosts/netblocks can end up in this
last category in two ways:
- by request from the admin of that host/netblock
- when ORBS finds out that they are being blocked specifically.

It is therefore incorrect to state 'ORBS blackholes whole netblocks'. These
netblocks are listed *different* from open relays. The admin that decides
to use ORBS has a choice to block *only* open relays, or also block hosts
that do not want to be tested by ORBS.

I hope this clears things up.

> It is critically important to also realise that "ORBS" itself doesn't
> "go crazy" and do these things -- such "rogue net-block" listings are
> directly a result of pressure from ORBS users. Such users who
> continue
> to get spam from relays they've reported to ORBS for testing will
> complain and put pressure on the ORBS administrators until there is no
> other choice but to list the entire offending net-block.


Nope. ORBS doesn't do 'user pressure'. Such net-block listings (as
'untestable', not as 'open relay') are only done based on actions/requests
by admins responsible for these netblocks.

[ snip rest of conversation -phil ]

-----------------------------< cut here >-------------------------------

Unless you believe that any self-proclaimed fighters-for-right have the
right to do what they want and then make trouble if you don't agree to
it. Reminds me somewhat of the Spanish Inquisition ...
--
"We've got a patent on the conquering of a country through the use of force.
We believe in world peace through extortionate license fees." -Bluemeat