Stealth Blocking
jlewis at lewis.org
jlewis at lewis.org
Thu May 24 03:10:58 UTC 2001
On Wed, 23 May 2001, Roeland Meyer wrote:
> I hate to be pendantic here, but from your own email and what other sources
> have told me, this is inaccurate. MAPS does NOT do pre-emptive open-relay
> testing. I consider this to be a very important distinction. If I thought
> this was the case, I would stop using MAPS five minutes ago.
What's so bad about pre-emptive open-relay scanning? What's the
difference between an open-relay found/used by a spammer and added to the
RSS and an open-relay found by pre-emptive scanner and added to the RSS?
Both sites are likely sources of relay spam. I recently upgraded a busy
set of mail servers from using only the DUL to the DUL/RBL/RSS, and the
number of messages being rejected/day has gone up about 20x. I still get
relay spam and report a handful of open relays to MAPS every day. If
there were a list like ORBS run more the way MAPS is run, I'd probably
give that a try too.
The only complaint I have about MAPS is that recently someone has been
making some SWAGs regarding what blocks of our IP space are dial-ups and
whoever oversees the DUL has added blocks of non-dial-ups apparently
blindly, causing trouble for our customers and support calls to our NOC.
--
----------------------------------------------------------------------
Jon Lewis *jlewis at lewis.org*| I route
System Administrator | therefore you are
Atlantic Net |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
More information about the NANOG
mailing list