anti-spam vs network abuse
Daniel Senie
dts at senie.com
Fri Feb 28 18:23:34 UTC 2003
At 12:56 PM 2/28/2003, Paul Vixie wrote:
> > > For the past 15 months, NJABL has reactively tested systems that have
> > > connected to participating SMTP servers to see if those systems are open
> > > relays. ...
> > >
> > > We do not consider what NJABL does abuse, ...
>
>Jon,
>
>If "they" are indeed only testing systems who connect to them, it's not
>abuse, and I would not have complained. However, they scanned every
>address in every netblock I own, looking for SMTP servers. That was
>abuse, that was illegal in California, and I was shocked that you "allowed"
>"them" to behave that way. Hopefully my inference is correct and "they"
>are now scanning only the hosts which connect to participating SMTP servers.
Paul raises good questions about the level of response to incoming SMTP
traffic. If contacted for transmission of SMTP, do you have the right to go
probe the sending system for all possible vulnerabilities, or only ones
that relate directly to email? Clearly there are concerns about email
coming from open relays, and from open proxies. The degree of scanning
could easily cross the line from warranted to abusive, and potentially illegal.
Scanning machines "in the neighborhood" sure seems far over the line. This
is further complicated by the difficulty in determining the size of the
"neighborhood" (read: netblock assigned to a customer).
While we would all like to find some solution to the spam problem before
email is rendered useless, measures which themselves threaten the network
with denial of service attacks and other measures can be considered just as
damaging.
More information about the NANOG
mailing list