North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: RBL-type BGP service for known rogue networks?
Peter van Dijk wrote: > > On Fri, Jul 07, 2000 at 12:18:15PM -0400, Shawn McMahon wrote: > > The ORBS approach: > > > > Put people on the list quickly, and make it easy for them to get back off the > > list. Unfortunately, while this is an admirable objective, it is *not* the way ORBS operates. Were it, MAPS would have not been forced to create a working alternative. > > This statement is in no way a political basis for ORBS. Good. Because it misses the abusive nature of ORBS itself (lack of specificity, broad and shotgun based, enormous collateral damage, and a documented track record of personal vendettas (see http://www.deja.com/bg.xp?level=news.admin.net-abuse and search for ORBS)). The attacks on Steve Atkin's SamSpade come to mind. > ORBS lists open relay by policy. As simple as that. If ORBS is aware that > you are an open relay, you get listed. ORBS is 100% objective. See the above. > > > The MAPS approach: > > > > Make it damn hard to get on the list. > > That's because MAPS is not automated, and not objective. No, that's because the collateral damage can be enormous, and you can't allow such mistakes to happen. > MAPS relies on > reports of abuse, which can be forged. The presupposes that some rather bright people can be fooled easily by headers. Perhaps you should look at the pedigree's of the MAPS employees (there are 10 or 15 of them already, recruited from the best of the abuse department in some major ISPs). MAPS does not rely on reports to add addresses (ask anyone who has nominated address space to MAPS). Sometimes the damn research that MAPS does, and the discussions they get into with the owners of the source address space take so long and are so detailed that MAPS take flak for not acting quickly enough, or ignoring the nomination, or bowing to pressure. They are thorough to the n'th degree. Here's a little snippet: I bet that Paul Vixie's email addresses gets forge subscribed 10 times a day in the hopes that he will react, and punish the list he is forge subscribed to. If personal reaction and a vendetta were his MO I bet there would be a long trail of complaints, and a successful lawsuit or two. > IIRC MAPS does check if a server is > an open relay. If it didn't I would rant :) They do a lot more than that. Understand the fundamental difference between ORBS and MAPS. ORBS attempts to punish. No educational value. MAPS educates the spammer (if possible) and the network providers. I would hazard a guess that a large number of smaller providers now whack spammers and have tough AUPs because of an "education" provided by MAPS. I*I*RC as long as a provider is actively in communication with MAPS and is discussing a solution, the addresses that are suspected are removed from MAPS. I suggest a thorough read of all the pages at http://mail-abuse.org. DISCLAIMER: I subscribe and use all of the MAPS services on my network - so I am a satisfied customer. Geez, I should have listened to my own suggestion, and taken the thread elsewhere. But I guess this is certainly a good place for network operators to get an education about the issue.