Re: Telstra blacklisted by ORBS

On Fri, 28 Jul 2000, Paul Montgomery wrote:

Those predictions made by Alan Brown more than a month ago have turned out to be true.

(Predictions are easy because Alan Brown is the master coordinator for ORBS.) Once upon a time I had a lot of respect for Alan Brown and ORBS. Now he's spent so long fighting spam that it's warped his perspective: if you aren't pro-ORBS then you're obvious either a spammer yourself or you just don't give a damn about network security. The possibility that people can be anti-ORBS simply because Alan Brown personally rubs them up the wrong way isn't worthy of consideration... Alan: please stop pretending that ORBS can ever be perfect; in a world with very short-term number assignments between independent parties (DCHP on dial-up and similar), there's no way you can make it so. On the one hand the DUL says that all dial-up users must direct their outbound mail via their ISP's SMTP server, but on the other hand if one of the dial-up users runs an open relay, the ISP's SMTP server will be placed on the blacklist -- and on a "one strike and you're out" basis!

Ben Elliston wrote:

...

233.38.24.203.relays.orbs.org. 20h54m17s IN TXT "Telstra - spam haveners, refusing to act. "

Because my ISP is a customer of Telstra Internet, my entire network has been blacklisted. As best as I can tell _all_ networks downstream from Telstra Internet have been blacklisted in ORBS.

ORBS is suppose to target the people responsible for the traffic eminating from an IP number, since users of ORBS only see the results for the single IP number they're checking. They don't go and look at whole netblocks to see the bigger story, so incorrectly asserting that the machine behind a particular IP number is a spam haven is a libel on the operator of that machine. Somehow there seems to be a lack of understanding by the ORBS maintainers that an entity as provider of a number-range should be treated separately from that same entity as user of *some* of those numbers; not to do so is just petty politics of the worst kind: "if you don't comply then not only will we blacklist the IP addresses of your machines, we'll try to chase away your customers who are using completely separate IP addresses". I regard this latest episode with Telstra as a very serious breach of public trust by ORBS; even if blacklisting Telstra's own machines is justified, it is simple laziness to blacklist the entire number range rather than those individual numbers which are demonstrably Telstra's machines. And if Telstra assigns a netblock to some other entity who then runs an open relay, then it is that other entity which should be blacklisted, not all of Telstra's customers. Otherwise where does it end; blacklisting APNIC's 202.0.0.0? This travesty of justice is by no means new, merely on a larger scale from what ORBS has already done before: I have a telehoused box (which I've always taken great pains to ensure is "orbs compliant") that last year was put on ORBS blacklist because one of the other machines on the same /24 was a relay. Somebody at ORBS assumed that all IP addresses in the /24 were operated by the same entity, and added the lot to the blacklist. If it had been changed promptly when it was explained that these addresses were mostly operated by separate entities, then I've have just put it down to overzealousness, but that this situation persisted until a few months ago shows that it was simply petty politics trying to force compliance of a few machines by scaring away their owners' customers -- even people who had no dealings whatsoever with the noncompliant machines. I'm pissed off that ORBS has sullied my reputation simply by association with people I happen to be in the same /24 with; ORBS decided somehow they were my responsibility. Like Ben Elliston said: there's something wrong with this picture. -Martin. --------- To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog