open relays at Earthlink

Dalvenjah FoxFire dalvenjah at
Fri Aug 21 19:08:57 UTC 1998

On Fri, Aug 21, 1998 at 01:42:47PM -0500, Aaron Goldblatt put this into my mailbox:

> Imposing security measures or performance enhancement tricks after initial
> implementation is a huge imposition on any company's technical support
> staff, and frequently serves more as a customer irritant than anything
> else.  I remember having to assist customers with reconfigurating
> their POP3 and SMTP clients when that provider went to a round-robin
> load-balancing mail server system.  It was ... painful.

"Well this is how we've always done it" isn't an excuse for sticking
with a boneheaded configuration. Yes, changing configurations is painful.
Yes, customers will bitch and whine and wail "But I'm not a computer person!"
Yes, support staff will have to walk customers through reconfiguring their
Endora and explaining why they need this STMP thing anyway. I've been doing
it all summer at work.

One extremely simple fix that the UUnet folks appear not to have stumbled
upon is to firewall outgoing connections on port 25 to any hosts other
than a specific list of earthlink, MSN, &etc mail hosts. This would only
require reconfiguration on the part of the particularly obstinate customers
who didn't follow the directions properly in the first place, and would
for the most part kill off the relay hijacking that goes on from those

Last - all these companies don't seem to understand that implementing these
fixes and dealing with the complaints in the short run will let them cut
down their abuse staff in the long run, because they won't have 500,000
e-mails to deal with every day. It's cheaper to fix it right, folks.

But this is getting to be off-topic, so I'll stop here. I'd suggest
taking it to inet-access or somesuch, but I'm not on those lists and
don't know what's appropriate for them.


 Dalvenjah FoxFire (aka Sven Nielsen) "And I would've gotten away with it, if
 Founder, the DALnet IRC Network       it hadn't been for you meddling kids!"
 e-mail: dalvenjah at            WWW:
 whois: SN90                          Try DALnet!

More information about the NANOG mailing list