ORBS (Re: Scanning)

Mitch Halmu mitch at netside.net
Mon May 28 07:11:34 UTC 2001

On Sun, 27 May 2001, Derek Balling wrote:

> Well, you MUST (RFC2505, 2.1) prevent unauthorized use of your mail 
> server as a mail relay.
> So if your question is "since my local users don't have to 
> authenticate themselves against my mail server, is there a rule that 
> says I can't offer unauthenticated SMTP service to roaming users", I 
> guess the answer is "yes, there IS actually a rule forbidding that."
> Cheers,
> D

Derek, there is a subtle difference between the words you SHOULD and
you MUST. The RFC you quoted is a "Best Current Practices" document.
You know, like "The Surgeon General had determined that [insert your
favorite vice here] is bad for your health". i.e, he can't order you
MUST stop smoking, maybe you SHOULD consider it because yadayada.

Now let's go back to 1997 and see how this baby was born. In Sep 1997,
on this very list, Paul Vixie was known to have laid the seed:

`Could somebody who hasn't been burned to a crisp by IETF politics please
write a "Mail Relay Requirements" RFC that we can brandish at these vendors?
(Dave Crocker seems like a logical choice for this given his past credits.)'

Full text of the message at http://www.dotcomeon.com/relay_default.html

>From this grew a business that puts food on the table for several members
of this list. And now the paid enforcers and their groupies are brandishing 
it at legitimate network operators. There is a lot of money in the jackpot
now, in case you haven't noticed, and dissent will not be tollerated.

If people would have paid attention then to the implications, this monster 
would have been nipped in the bud. Instead, their camel is now in your tent.
And it's not even Uncle Sam's beast...

So what was that Conan saying again? ;)


> At 9:18 PM -0400 5/27/01, Mitch Halmu wrote:
> >On Sun, 27 May 2001, Dan Hollis wrote:
> >
> >>  On Sun, 27 May 2001, Roeland Meyer wrote:
> >>  > You must not have a roaming staff or are willing to keep telcos wealthy.
> >>
> >>  roaming staff either use webmail or pop-before-smtp.
> >>
> >>  -Dan
> >
> >Is there a rule that, except for local dial-in, we cannot offer the same
> >services to a client located in a part of the world that we dont't have
> >a dial-in POP as we offer to our local clients? Why shouldn't such clients
> >be able to get their dial-in somewhere and the rest of their services from
> >somewhere else? That includes using a remote SMTP server in the same way
> >a local user can, period.
> >
> >--Mitch
> >NetSide
> -- 
> +---------------------+-----------------------------------------+
> | dredd at megacity.org  | "Conan! What is best in life?"          |
> |  Derek J. Balling   | "To crush your enemies, see them        |
> |                     |    driven before you, and to hear the   |
> |                     |    lamentation of their women!"         |
> +---------------------+-----------------------------------------+

More information about the NANOG mailing list