open relays at Earthlink

Steven J. Sobol sjsobol at nacs.net
Wed Aug 26 04:13:02 UTC 1998


On Tue, Aug 25, 1998 at 09:20:24PM -0500, Phil Howard wrote:

> Since UUNET does not immediately cut off all accounts that come from a
> reseller because a spammer does, UUNET is _in_ _effect_ telling resellers
> "that's OK".

Huh? because a spammer does what?

Hm. UUNet may not - probably doesn't - have the technical ability to get
into Reseller X's server and disable the customer's account. I am assuming
here, and Steve Davies can correct me if needed -- I am assuming that UUNet
access servers refer back to the ISP's authentication servers (RADIUS,
TACACS or the like) to verify login and password information. I am further
assuming that UUNet does not have the necessary administrative access to
its resellers networks and computers to disable the account.

> If UUNET wanted to be proactive about spam, and truly carry out their policy,
> and do so without filtering SMTP, then they would refuse to sign up all
> accounts from spammers. 

UUNet doesn't do retail dialup accounts, Phil. When a spammer signs up for
dialup access via UUNet, it's through Earthlink or MSN or another UUNet
reseller.


> Some things _may_ be possible to find this out, such as UUNET demanding the
> CC numbers used and refusing CC numbers blocked for spamming.  But this is
> only a limited measure as dedicated spammers seem to have an endless supply.

This is something that has to be done by the ISP's, not UUNet. And passing
around credit card information can cause a huge amount of legal trouble.

The solution is for UUNet to prevent SMTP connections directly from its
dialups.


-- 
Steve Sobol, Cartel Member #1489 (tinc)

Quote of the year: "If Bill [Gates] were tan, buffed and weighed 240 pounds, I
bet people would dig IS." - Michael Cohn, COMPUTERWORLD Magazine, 8/3/98. 




More information about the NANOG mailing list