North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: RBL-type BGP service for known rogue networks?
On the ORBS Jihad The biggest problem with ORBS is the ASSUMPTION that we are all running sendmail. MANY corporate sites use SMTP gateways which do not exhibit the same behavior as sendmail for instance Notes 5.0.x will accept a UCE message and quietly drop it once it realizes that this is a UCE message if the UCE filters are enabled. This behavior will get you on the ORBS list and until Lotus creates a Notes/Domino gateway which fully emulates sendmail you cannot get off the ORBS list. or create a RELAY server which is based on current revisions of sendmail it is not an open relay but it is a relay nonetheless. Talk of IPsec tunnels is a good idea except does the infrastructure support it and is it LEGAL in some countries in the EU encryption by private citizens/organizations is illegal so we are back to needing to allow relay from defined netblocks. "Derek J. Balling" wrote: > >Also, as I > >said, there are valid reasons to allow third-party relays. In > >fact, they are even required, depending on circumstances. > > Sorry... don't buy it. Upgrade your MTA to sendmail 8.10 or above and > have your customers use current versions of their MUA's if they wish > to travel. SMTP-AUTH is your friend and it appears to be fairly well > supported now within the various consumer MUA's. (Admittedly, this > time last year that wasn't necessarily the case) > > I fail to see an occurrence where an open relay is "necessary". Can > you describe one for me? > > D