Stealth Blocking

Mitch Halmu mitch at
Wed May 23 16:41:52 UTC 2001

On Wed, 23 May 2001, John Payne wrote:

> On Wed, May 23, 2001 at 10:33:11AM -0400, Mitch Halmu wrote:
> > 
> > On Wed, 23 May 2001, John Payne wrote:
> > 
> > > Umm... yes.  You run an open, abused mail relay, got listed in RSS and
> > > whine about it rather than fix it.
> > 
> > I have posted two URLs, one was to a slashdot article describing a stealth 
> > assault on Macromedia. So as to clarify the provenance of the URL 
> > previously given by others in full context. Don't see your comments 
> > there. Why? Perhaps the ACLU and those other do-good  organizations 
> > command more respect than an ISP? But they're talking about the same 
> > thing!
> If you believe everything you read in slashdot, you're either incredibly
> naieve or unbelievably clueless.

Conversely true for anything else you may read. I am not particularily
endorsing any opinions but my own. Yet they seem to have scored with that
article, judging from the majority of the supportive comments I read.
> Just the smallest bit of research in a relevant mailing lists archives
> would yield the reasons why macromedia was RBL'd and why the listing was
> removed.  (Macromedia runs unconfirmed mailing lists, mailing lists get
> people added who don't want to be on the list, people complain to Macromedia,
> no response, people nominate Macromedia to MAPS, MAPS contacts Macromedia,
> no response, MAPS adds Macromedia to RBL, Macromedia contacts MAPS, 
> Macromedia promises to cleanup act, MAPS removes Macromedia from RBL) 

And you think that justifies the brute force approach? Interestingly, MACR 
seems to have the means to take them on legally. And perhaps also curious
was the hush-hush way it was handled. Were it not for some clued spirits...

> > The latter was to explain our position. Let's make several things clear. 
> > First, what is the difference between an open relay and a free email 
> > account somewhere? None, absolutely none. You could subscribe as Michael 
> > Mouse today, and the emperor of China tomorrow. Yet such service, with no 
> > credit card or implant chip to validate your true identity, giving away 
> > free resources to the world, is perfectly legit in your judgement.
> Most free e-mail services aren't being abused.  The spam with hotmail or
> juno or whatever return addresses are not being sent through hotmail or
> juno or whoever, they're being sent through open relays like yours.

Have you ever heard of a dropbox? Would you like several tens of thousands
of examples?
> > NetSide maintains its own access control list. If a particular ip or ip
> > range didn't abuse our servers, we feel no need to lock them out. And 
> Bully for you.  In the meantime the rest of us have to eat up the spew
> coming from your server until you decide that they've reached whatever
> abuse threshold you set.

The 'rest of us' have a traditional venue, and that is asking politely
the ISP in a documented email complaint. How many complaints did you sent
us? We're not in China, you know...

> > certainly not because you say so. Not to mention that all instances of 
> > abuse can be traced from logs to someone's ip, and there is a venue of
> > complaint with the abuser's provider. We have a valid reason for doing 
> > so: locking our servers would prevent our customers from roaming, and we 
> > would also lose a good part of our non-local client base, some of them
> > subscribed since 1995, who couldn't make full use of their accounts
> > anymore.
> Absolute rubbish.

No kidding? Prove it is so. I think those arguments are rather valid.
> > Second, open relays were the norm until Paul Vixie decided you should do
> > otherwise. And in many cases, he convinced thy by brute force that his 
> > way is the right way is the only way. But it wasn't the legal way. Most 
> > providers bent over and silently took the punishment. We won't. Do I seem 
> > to whine here?
> Yes
> > Third, the new 'rule' MAPS just came up with now is that you must keep your 
> > server open to their 'testing', or they'll blackhole you. See for yourself:
> >
> > That is the reason given for blocking us the second time around. No new 
> > 'evidence', just open wide for inspection and say ahhh...
> Uhhh... so how do you propose that relays are tested to make sure they're
> closed before being removed from the database?

This is the very thing they considered abusive just a few months ago.
Wasn't it MAPS that blocked ORBS for scanning Abovenet's ports in the 
first place? So now they took their rival's worst rules and made it their 
own. Now it's my turn to say absolute rubbish.

> > > Could you be more clueless? 
> > 
> > That's just about what I was going to ask you. This is not about the 
> > merits of some technological implementation over another. It is about
> > basic rights and freedoms shamelessly trampled upon by those that can
> > thump their chests the loudest and have Daddy Warbucks bankroll their
> > operation. Say you fall out of grace with the 'in' crowd tomorrow, could 
> > it be your turn?
> Oh, I'm constantly falling in and out of ORBS and peoples killfiles.
> Do I particularly care?  Nope... people have a right to block whatever traffic
> they want from their machines.

ORBS is a foreign entity. Out of reach. Vixie is ante portas. American, like
you and me. Blackmailing American providers, breaking state and federal laws 
with impunity. People that subscribe to the blackhole lists probably have no
idea who in particular they are blocking or to what extent. Or even why.
> > > If you want to whine some more, is over there ->
> > > and spam-l is that way <-
> > 
> > And you, John Payne, are here. And clearly on the side of the network
> > operator that's deliberately destroying the connectivity of other networks.
> > This problem won't just go away, as much as you want it swept under the
> > rug.
> I'm in both those places (and more) as well.  If you want to stalk me at
> least do others the favour of doing it where your whines stand a chance of
> being ontopic... and if you're really lucky you might pick up a friend or
> two on the way.

Your mail server bounces my messages. Have you thought of that one yet?
I'm not stalking you, I'm simply responding to your comments. And if I 
need a friend, I'd rather buy a dog. I'll name him Lucky.


More information about the NANOG mailing list