On Mon, 15 Sep 2003, Dr. Jeffrey Race wrote: > A few comments (interleaved) to clarify the record :) > > On Sun, 14 Sep 2003 19:14:14 -0400 (EDT), Dean Anderson wrote: > >Indeed. These open relay blacklist sites were always a highly > >questionable source for mail filtering. Quite obviously, open relays have > >no relationship to spam, so using an open relay blacklist is going to > >block a lot of non-spam email. > > ==> That is the only way to get the attention of overworked (or > incompetent) admins. No, it isn't. And it is an illegal method, because you (if you are an ISP), probably don't have permission to block non-spam mail. Blocking communications without permission is a (US) federal felony, which also has a civil action, in which the intent requirement is reduced from "intentional" to "knowing". It obviously isn't necessary, as you point out: > In one case I had to contact (personally) > Ziggy Switkowski, the chairman of Telstra, to get his firm to > crack down on misuse of his network. That solved the immediate > problem (and that's what it took because the admins didn't do a > thing except send auto-ignore messages), yet three years later Telstra > is still a menace to the Internet. See today's article > > <http://www.zdnet.com.au/newstech/security/story/0,2000048600,20278508,00.htm> SORBS is a very obscure list, that is little used. At present, I know of only 2 people ever to use it: Paul Vixie, and one other person who stopped after I called them to explain what sort of list they are. That looked into reasons, and stopped using SORBS. SORBS is blacklisting our entire IP address space because they claim it has been hijacked. It hasn't. SORBS has been told this. Sullivan is a crackpot. Fortunately, not a widely used crackpot. So, it seems highly unlikely that very many real spammers would have any complaints about them. It hasn't caused us any mail problems. But they sent some defamatory letters to The Open Group. Last year, I was attacked by 2500+ machines, apparently under control of radical antispammers, hoping to "teach me a lesson". Vixie says he is in touch with script kiddies, and that they are anti-spam. He says "they rarely are spam abusers". Given the large numbers of viruses that send spam, it seems this isn't so rare. > >On Sat, 13 Sep 2003, Harald Tveit Alvestrand wrote: > >> I followed some links today, and discovered to my horror that one of the > >> spamtools I'd been using had been throwing away some valid messages - > >> including some from this very list. > >> > >> It turned out that OSIRUSOFT had gone belly-up, > > > ==>Reportedly they had to cease operations because of DDOS attack. They > must have been doing something right, and they deserve a cheer for > that. However they could indeed have shut down more gracefully. Boo. I don't know for sure, but I think Osirusoft was also going to be sued. I recently helped a company with information on how to sue them. I don't think DOS was the only reason to shutdown. Many such lists have shutdown over the years: (and not because they were doing something right) ORBS.ORG shutdown for fraud in NZ IMRSS.ORG booted by ISP Openrelaywatch.org booted by ISP ORBL.ORG booted by ISP ORDB.ORG was booted from UUnet service, and moved to a hacker friendly ISP in Denmark. ORBZ.ORG after crashing mailservers (investigation started for criminal complaint), the promised to shutdown and stop scanning. The city said that shutdown was unnecessary. But unknown to city officials, ORBZ.ORG operator registered DSBL.ORG with phony Brazilian address. After the city dropped the investigation, ORBZ continued, with DSBL.ORG. Anyway, DDOS tends not to last too long before the attackers are found. Also, Anti-spam sites tend to DOS other antispam sites. Certainly they tend to blacklist each other quite a lot. --Dean DSBL.ORG as it was in July, 2002 Registrant: Linux MM, c/o Conectiva Inc. R. Tocantins 89 Cristo Rei 80050430, Curitiba PR BR Registrar: Dotster (http://www.dotster.com) Domain Name: DSBL.ORG Created on: 22-MAR-02 Expires on: 22-MAR-07 Last Updated on: 22-MAR-02 Administrative Contact: van Riel, Rik riel@conectiva.com.br Linux MM, c/o Conectiva Inc. R. Tocantins 89 Cristo Rei 80050430, Curitiba PR BR +55 41 360 2600 Technical Contact: van Riel, Rik riel@conectiva.com.br Linux MM, c/o Conectiva Inc. R. Tocantins 89 Cristo Rei 80050430, Curitiba PR BR +55 41 360 2600 Domain servers in listed order: C.NS.PENGUINHOSTING.NET A.NS.PENGUINHOSTING.NET B.NS.PENGUINHOSTING.NET DSBL.ORG as it today: Registrant: Rik van Riel 3 Lan Drive suite 100 Westford, MA 01886 US Registrar: DOTSTER Domain Name: DSBL.ORG Created on: 22-MAR-02 Expires on: 22-MAR-07 Last Updated on: 15-AUG-03 Administrative, Technical Contact: van Riel, Rik riel@surriel.com 3 Lan Drive Suite 100 Westford, MA 01886 US +1 (978) 692 3113 Domain servers in listed order: C.NS.PENGUINHOSTING.NET A.NS.PENGUINHOSTING.NET B.NS.PENGUINHOSTING.NET