Home page logo

nanog logo nanog mailing list archives

Re: Stealth Blocking
From: Robert Sharp <rsharp () appliedtheory com>
Date: Wed, 23 May 2001 12:57:24 -0400

I like how MAPS is allowed to black hole your machines and their traffic.  But if
you deny them access to your network resource as they are you are automatically
assumed a spammer.  Wait you don't believe the same things we do, well you must
be the enemy.

I think we can all agree spam isn't a good thing, but where we drawn the line is
something we can't agree on.  When you start black holing traffic to hosts and
making that choice for other people.  MAPS does this with their blacking of
traffic.  This type of power in the hands of a single person/organization is
wrong.  I would propose a system whereas there are multiple representatives from
many viewpoints to make VERY SERIOUS decisions like this.  I don't care how many
disclaimers you have in your contracts, it's not the right way to deal with this


Rob Sharp

Mitch Halmu wrote:

On Wed, 23 May 2001, John Payne wrote:

Umm... yes.  You run an open, abused mail relay, got listed in RSS and
whine about it rather than fix it.

I have posted two URLs, one was to a slashdot article describing a stealth
assault on Macromedia. So as to clarify the provenance of the URL
previously given by others in full context. Don't see your comments
there. Why? Perhaps the ACLU and those other do-good  organizations
command more respect than an ISP? But they're talking about the same

The latter was to explain our position. Let's make several things clear.
First, what is the difference between an open relay and a free email
account somewhere? None, absolutely none. You could subscribe as Michael
Mouse today, and the emperor of China tomorrow. Yet such service, with no
credit card or implant chip to validate your true identity, giving away
free resources to the world, is perfectly legit in your judgement.

NetSide maintains its own access control list. If a particular ip or ip
range didn't abuse our servers, we feel no need to lock them out. And
certainly not because you say so. Not to mention that all instances of
abuse can be traced from logs to someone's ip, and there is a venue of
complaint with the abuser's provider. We have a valid reason for doing
so: locking our servers would prevent our customers from roaming, and we
would also lose a good part of our non-local client base, some of them
subscribed since 1995, who couldn't make full use of their accounts

Second, open relays were the norm until Paul Vixie decided you should do
otherwise. And in many cases, he convinced thy by brute force that his
way is the right way is the only way. But it wasn't the legal way. Most
providers bent over and silently took the punishment. We won't. Do I seem
to whine here?

Third, the new 'rule' MAPS just came up with now is that you must keep your
server open to their 'testing', or they'll blackhole you. See for yourself:
That is the reason given for blocking us the second time around. No new
'evidence', just open wide for inspection and say ahhh...

Could you be more clueless?

That's just about what I was going to ask you. This is not about the
merits of some technological implementation over another. It is about
basic rights and freedoms shamelessly trampled upon by those that can
thump their chests the loudest and have Daddy Warbucks bankroll their
operation. Say you fall out of grace with the 'in' crowd tomorrow, could
it be your turn?

If you want to whine some more, news.admin.net-abuse.email is over there ->
and spam-l is that way <-

And you, John Payne, are here. And clearly on the side of the network
operator that's deliberately destroying the connectivity of other networks.
This problem won't just go away, as much as you want it swept under the


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]