On Fri, 18 Jun 2004, Stephen Sprunk wrote: > Thus spake "David Kessens" <david.kessens@xxxxxxxxx> > > On Fri, Jun 18, 2004 at 07:28:40PM -0500, Stephen Sprunk wrote: > > > While I disagree with Dean in general and also with most of his current > > > argument, I think it is a reasonable request that IETF "officials" be > given > > > an @ietf.org email alias and that those aliases be published for use in > > > situations such as this. > > > > I like this idea (for other reasons) but I am not sure whether this > > really addresses this particular problem: > > Dean's problem is that he sends mail from an open relay, which isc.org's > servers block completely (with good reason, sorry Dean). Stephen, thanks, but you have some of your facts wrong. Neither ISC nor SORBS blocks us because of our relays, nor is the blocking limited to our open relays. And in fact, the relay used (cirrus.av8.net) is not an open relay, but in fact is an SSL/SMTP AUTH relay*. Rather, ISC/SORBS block __ALL__ of our IP address space (that is, a full /16 and a full /21), because they claim this IP address space is "hijacked/disused". This includes all of our customers. In fact, like ORBS before it, SORBS also isn't a __spam__ blacklist. Its a "personal" blacklist of sites that Alan Brown, Matthew Sullivan, and Paul Vixie and their associates just don't like. It is completely innappropriate for the IETF or its staff to associate with or use such a list for IETF business. [* Yes there are still reasons to run open relays---Indeed, our SMTP AUTH relay is the least used: a commercial failure, really, but I use Pine which is one of the few clients that can support SMTP AUTH. SMTP AUTH has done nothing to block spam, anyone can sign up. Open/Closed, doesn't matter. Unless you can't do SMTP AUTH, then it matters. Thousands of software packages don't do SMTP AUTH, and millions of users who want to outsource parts of their email system or services. There is a large market for open relay services and none of it is spam. ] The address space in question has been in continuous use since 1989 (130.105/16) and since 1993 (198.3.136/21). I am the authorized contact for this space, and the entities or their successors to which the IP address blocks were originally assigned are still in existance. If our use of these blocks was without permission, they are able to complain. These public facts are easilly found by anyone interested in them. Examination of the ARIN information demonstrates the false nature of the claims by Vixie, Brown, and Sullivan: OrgName: AV8 Internet, Inc OrgID: AV8IN Address: P.O. Box 7286 City: Nashua StateProv: NH PostalCode: 03060 Country: US NetRange: 198.3.136.0 - 198.3.143.255 CIDR: 198.3.136.0/21 NetName: AV8IN-NET-1 NetHandle: NET-198-3-136-0-1 Parent: NET-198-3-0-0-1 NetType: Reassigned Comment: RegDate: 2003-07-30 Updated: 2004-02-23 OrgTechHandle: DA31-ARIN OrgTechName: Anderson, Dean A. OrgTechPhone: +1-617-344-9000 OrgTechEmail: dean@xxxxxxx # ARIN WHOIS database, last updated 2004-06-19 19:10 # Enter ? for additional hints on searching ARIN's WHOIS databas OrgName: Open Software Foundation OrgID: OSF Address: P.O. Box 7286 City: Nashua StateProv: NH PostalCode: 03060 Country: US NetRange: 130.105.0.0 - 130.105.255.255 CIDR: 130.105.0.0/16 NetName: OSF NetHandle: NET-130-105-0-0-1 Parent: NET-130-0-0-0-0 NetType: Direct Allocation NameServer: STARSHIP.AV8.COM NameServer: CONCORDE.AV8.COM Comment: RegDate: 1988-07-20 Updated: 1998-12-21 TechHandle: DA31-ARIN TechName: Anderson, Dean A. TechPhone: +1-617-344-9000 TechEmail: dean@xxxxxxx Mr Sullivan claims that if we do not reveal our relationships and contracts with these entities, then we haven't "proved" our rights to use the address space. Of course, that is nonsense. Others have made similarly absurd claims such as 'IP address space is a government grant that can only be used for non-profit purposes' (Kai Schlichting made this claim in a generally defamatory letter he sent to the OSF/The Open Group, whose attorney forwarded it to me) The false claims by ISC/SORBS is not a matter of blocking spam. It doesn't have anything whatsoever to do with blocking spam. ISC/SORBS falsely asserts that IP address space is "hijacked/disused". This is a bald lie, first promoted by Alan Brown, who you might recall once used his ORBS blacklist to block ISPs that had nothing to do with spam, for reasons that had nothing to do with spam: just because he didn't like those ISPs. Brown then lost 3 separate lawsuits involving defamation and false statements, and ultimately appears to have lost his business to pay the consequent damages. When Brown's own subscribers complained, he said it was a "personal" blacklist and had no particular standards. Brown was pretty thoroughly discredited but this does not appear to have deterred Sullivan and Vixie from associating with him. Brown and his associates Paul Vixie and Matthew Sullivan have continued to promote and support defamation of ISPs they don't like, just like ORBS did previously. None of the 3 cases Brown lost had anything to do with spam. Similarly, this has nothing to do with spam. ISC/SORBS (Brown, Vixie, and Sullivan) are not claiming that we are spammers: They are falsely claiming that our address space is "hijacked/disused". Vixie and I have conflicts that predate spam, and goes back at least to Namedroppers in the late 1980's and the issue of HS class Root servers. More recently, I've worked (with others of course) to prevent several frivolous changes to the DNS protocol that Mr. Vixie supported, and which would have benefited products and companies he has a financial interest in. Indeed, the current dispute arose out of complaints about improper activity by Mr. Austein as WG co-chair with respect to one of those proposals. That complaint, originally and appropriately made off-list, was rejected by Mr. Austein's ISC.ORG email system, run by Mr. Vixie. ISC's harrassment by computer is not the only issue. There are also the matters of on-list disparagement by Mr. Bush and Mr. Vixie, and of course Mr. Alvestrand has recently made his own original false and misleading statements implying there is somehow incorrect ownership information and that somehow I have made some request of him to change that. I haven't made any such request. If there is any trivially incorrect information, it does not support the assertion that the space is "hijacked/disused". We cannot ignore these acts by and through the IETF. We have business with the IETF, and have a stake in the engineering of the Internet. We cannot allow persons at the IETF (either employees, staff or participants) to defame or disparage Av8 or myself to others or to Av8 Customers who might participate in the IETF. We certainly cannot allow the IETF process to be inappropriately manipulated by ISC or Paul Vixie or others to their financial advantage. For your reference, I'll summarize the salient events regarding SORBS and ISC's harrassment by computer: Brown, Sullivan, and Vixie originally claimed that the OSF no longer existed, but withdrew that claim after I contacted Sullivan directly last year. They refuse to withdraw the rest of their false claims, apparently seeking to draw me into a lawsuit with Mr. Sullivan Unlike Mr. Brown (previously) and Mr. Vixie (currently), Mr. Sullivan has no company or assets to pay damages. But this is consistent with a plan of action posted on Spam-l after MAPS lost in Exactis V. MAPS. SORBS has been booted from other ISPs for violating AUP rules which prohibit defamation and other bad conduct. Despite their bad conduct, Vixie then provided them with hosting services at ISC, and has refused to accept abuse reports, which is both ironic and hypocritical. 100% of the sites we've contacted have stopped using SORBS altogether when they examine the false claims made by SORBS. It seems that few or no reputable people or companies want to associate with this organization after finding out what it is up to. Strangely, the ISC and the IETF are the rare exceptions. Some have attempted to describe this as simply a "false positive" that is an unfortunate, but unpreventable event. This is a false claim. There are plenty of anti-spam methods out that do not harrass Av8 Internet, or make false claims. Many (if not most) people have given up altogether on IP-based blocking. Indeed, given that most spam/abuse comes from virus-infected computers on DHCP connections that force them to change IPs every few hours, it seems impossible that IP-based blocking could be effective unless the blacklist had some advance knowledge of the IPs to be used. And of course, advance knowledge is impossible unless the blacklist is the abuser. So, if you find an effective IP-based blacklist, well, you've found something very interesting. There are many anti-spam tools that do not engage in defamation and false claims. Judging by the relative absence of complaints by our users, it seems that SORBS is a very little used list, and that like ORBS before it, its purpose is nothing other than defamation and disparagement. Outside of ISC's harrassment on the IETF lists, we have very little problem with SORBS use, and 100% of the sites that we've run into using SORBS (outside of ISC and the IETF) have quit using SORBS altogether after we've contacted them. As I pointed out previously, SORBS isn't an anti-spam list at all, but a "personal" blacklist created by Sullivan, Brown, Vixie, and their associates. You may be wondering why SORBS is claiming our address space is "hijacked/disused", instead of claiming it as open relay. I wondered that, too. I don't know the answer, and ISC/SORBS/Sullivan/Vixie aren't saying. But I think its because they already lost the "is it legal to block open relays?" argument. We have gone into legal dispute with a couple large ISPs whose abuse admins threatened to block our relays, and who claimed that open relays somehow send spam. The admins described __anonymous__ relays. When we corrected that description, and explained the difference between an open relay and an anonymous relay, their lawyer reversed the admin and promised not to block our relays[**]. There is nothing abusive or unlawful about open relays. [** It is an interesting footnote that in one case, the admin who lost on the open relay question posted messages to an ISP list saying that we had hijacked space. While he has a relationship to Vixie and Sullivan through Nanog, his post was after SORBS began their listing. It is unclear how he learned of the listing, since it wasn't discussed on Nanog or Spam-l ] The ISC/SORBS issue has nothing whatsoever to do with open relays. But even if it did have something to do open relays, there is still no reason to block our relays: There is no spam coming from our relays, in comparison to other ISP relays. They are policed far better than most ISP's closed relays. We respond far faster and far more responsibily than say, Bill Manning did with complaints about ISC's hosting of an abuse site (http://www.iadl.org/bm/bill-manning-story.html) Manning _still_ claims that "we can't prove any relationship between EP.NET and ISC.ORG", despite their long and well-known history in operating PAIX. Please also be aware that an open relay is not an __anonymous__ relay. I might agree that there is no reason or little reason to run anonymous relays. Av8 does not run anonymous relays. However, many anti-spam radicals cannot make the distinction between anonymous relays and open relays. I don't know whether this is due to lack of intelligence or if they just intentionally mislead people (their attorneys and management) about the difference. However, making it about open relays makes no difference. Blocking our open relays through particpation in an unlawful group boycott is still unlawful for the IETF and its staff, (see http://info.av8.net/spamstuff/vix-spam-abatement-ietf.html) Defaming and disparaging Av8 Internet by the IETF, its staff or its participants is also unlawful. But it isn't about open relays, its about falsely claiming that IP Address space is "hijacked/disused" Dean Anderson Av8 Internet, Inc _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf