Stealth Blocking

jlewis at jlewis at
Thu May 24 03:10:58 UTC 2001

On Wed, 23 May 2001, Roeland Meyer wrote:

> I hate to be pendantic here, but from your own email and what other sources
> have told me, this is inaccurate. MAPS does NOT do pre-emptive open-relay
> testing. I consider this to be a very important distinction. If I thought
> this was the case, I would stop using MAPS five minutes ago.

What's so bad about pre-emptive open-relay scanning?  What's the
difference between an open-relay found/used by a spammer and added to the
RSS and an open-relay found by pre-emptive scanner and added to the RSS?
Both sites are likely sources of relay spam.  I recently upgraded a busy
set of mail servers from using only the DUL to the DUL/RBL/RSS, and the
number of messages being rejected/day has gone up about 20x.  I still get
relay spam and report a handful of open relays to MAPS every day.  If
there were a list like ORBS run more the way MAPS is run, I'd probably
give that a try too.

The only complaint I have about MAPS is that recently someone has been
making some SWAGs regarding what blocks of our IP space are dial-ups and
whoever oversees the DUL has added blocks of non-dial-ups apparently
blindly, causing trouble for our customers and support calls to our NOC.

 Jon Lewis *jlewis at*|  I route
 System Administrator        |  therefore you are
 Atlantic Net                |
_________ for PGP public key_________

More information about the NANOG mailing list