anti-spam vs network abuse

• Previous message (by thread): anti-spam vs network abuse
• Next message (by thread): anti-spam vs network abuse
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 27 Feb 2003 22:36:37 -0500 (EST), jlewis at lewis.org wrote:

>This sort of activity is becoming more common / mainstream, so 
>people
>ought to just get used to it.  Road Runner is doing the same thing
>(according to http://sec.rr.com/probing.htm) which is pretty ironic
>given
>how their security department has gotten along with (or not) various
>DNSBLs in the past.

	It has always been my opinion that if somebody connects to you, they 
are implicitly granting you the right to connect back to them on 
well-known ports. I have discussed this opinion with several dozen 
people and have yet to find one who disagrees. (Though I'm sure 
they're probably out there.)

	I've dealt with any number of abuse complaints, many from 
governmental and quasi-governmental group. They've all accepted my 
cut/pasted explanation and we've been whitelisted by several such 
organizations.

	I often use the following as the 'meat' paragraph of my reply:

"In accord with our terms of service, when someone makes a connection 
to one of our machines, we make connections back to them to ensure 
they're not connecting through an open proxy. These connections are 
to each of the ports on which such proxies commonly run and some 
ports may require more than one connection to test multiple 
protocols. We never do such a probe except as a response to a  
connection made to us."

-- 
David Schwartz
<davids at webmaster.com>

• Previous message (by thread): anti-spam vs network abuse
• Next message (by thread): anti-spam vs network abuse
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]