Stealth Blocking

David Schwartz davids at
Wed May 23 23:18:12 UTC 2001

> I'm getting seriously confused here. I thought that the
> open-relay issue was
> irelevent to MAPS.


> That MAPS only black-holed confirmed SPAM
> sites (a little
> tougher, but more granular, charter).

	Yes, but open relays can easily become confirmed SPAM sites. All that has
to happen is one spammer chooses to use that particular open relay.

> Further, that it was ORBS
> that listed
> open-relay sites specifically, whether they were involved in a spam or not
> (unacceptable due to punishing potential anti-spammers for proliferating
> spam that never saw their systems).

	ORBS lists open-relay sites whether or not they were involved with spam.
That's perfectly fine with me, since as far as I'm concerned, an open relay
is like a loaded gun -- it's an accident waiting to happen. The problem with
ORBS is that ORBS lists sites that _aren't_ open relays for various reasons,
including political disagreements with the ORBS folks.

	ORBS claimed originally to be a list of confirmed open relays, which it
once was and nobody really complained too much. The problem is, some sites
began getting complaints about the ORBS probers probing their networks. As a
result, some large sites (like abovenet) blocked the ORBS probers. ORBS
countered by blacklisting all of abovenet's address blocks, incuding all of
their non-multihomed customers. This blacklisted thousands of machines that
had no open relays.

> To me, these are two entirely
> different
> charters. If MAPS starts to look like ORBS then I will stop using MAPS.

	No, MAPS will look like ORBS when it starts blacklisting huge blocks of
addresses because it has a political problem with on of the networks on the
path to those addresses.

> Can someone please clarify?

	I hope this qualifies as clarification.


More information about the NANOG mailing list