Re: fix.your.open.relay.or.die.net

["Brad Jensen" <brad@xxxxxxxxxxx>]

----- Original Message -----
From: "David Gibbs" <david@midrange.com>
To: <midrange-l@midrange.com>
Sent: Tuesday, November 20, 2001 5:21 PM
Subject: Re: fix.your.open.relay.or.die.net


> > Man I hope I got that right :)
>
> You got it right.
>
> As a strong opponent to UCE, I must side with the folks that
probe
> SMTP servers for open relays.

It would be nice to just fix it with an RFC, like other things on
the net. Instead we get SMTP software that stays open, and a hand
job to define the ip addresses that email can legitimately come
from. One simple RFC change would do it. I always prefer to fi the
problem once, rather than tens of thousands of net administrators
patching this and that to fix it.

We run at least three email servers for about 12 domains. I still
can't get email on some of my addresses from my l;ake house over
the starband satellite connection.

I'll stop whining soon.

> The number spam messages I get at MIDRANGE.COM is awesome ... I
get
> more than 200 spam messages daily.

I get about a dozen or so. Most of them I could block by subject
blocking, it's the same thing over and over. It would be nice if
netsacpe or outlook would have a quick spam buttin that would
blkock the secoind or third message thru with the same subject
line. I just hit the delete key.

I'm on some as/400 lists , a coupel of distance lists, and a
metaphysical religion list (which I host on listserv). I get 300+
emails a day.

Spam is like junk mail.

I do understand you don't want it propagated to an email listserv.

>  Most of which, luckily, are
> addressed to mailing lists and are stopped by the list software
> (although my list owners are a bit annoyed at the amount of work
> they have to do to junk the messages).  A lot of them are
addressed
> to just common names on the domains I use.

You mean you do not run finger? (That isn't supposed to sound
incredulous, I'm just wondering. I sometimes wonder how many
people are running finger and don't know it.)

> Those that run open relays need to be informed about them, and
given
> assistance with closing them.  Those that refuse to close their
open
> relays should be blocked from responsible mail servers.

Welllllllllll,

they don't run open relays, their SMTP software provides that
service because it operates according to RFCs. The RFCs are left
over from friendlier days on the net, and need to be changed.

> No mail server should be allowed on the 'net if it allows open
relay.

SMTP should be changed to require a password for signon, ssame as
POP3. But in saying that, I'm proposing a standard change, not a
million individual volitional acts.

A lot of people have no idea that they are running open relay, or
even how SMTP and POP3 work. DOes everyone have to know the
difference between a diesel engine and a gasoline engine before
they can drive on the hiway.  The software could be fixed in a
month or two on the outside.

I don't like people who waste internet bandwidth using streaming
video, particularly if they broadcast it. They are costing us all
a lot more wasted time and interfering with throughput more than
all the spam that has ever been.

Can we interfere with the transmission of CNN et al? Not if we
want to keep roofs over our heads.

> I think it would be a fine service by the internet registrars if
they
> would probe your MX on a periodic basis and inform the admin and
> technical contact if the server allows open relay.

Well, again, all that has to happen is fix the software.  All you
need is two challenge/responses at most to defeat ip spoofing, and
you could have trusted smtp servers.

I guess it really is a sore spot with me for the days my net
manager had to spend fixing it, and he has to keep tweaking it. It
costs me money it shouldn't be costing me.

I do understand the frustration, particularly of list managers, at
receiving spam.

Brad Jensen
brad@elstore.com
Electronic Storage Corporation