Home page logo
/

nanog logo nanog mailing list archives

Re: Stealth Blocking
From: "Richard A. Steenbergen" <ras () e-gerbil net>
Date: Wed, 23 May 2001 21:49:35 -0400 (EDT)


On Wed, May 23, 2001 at 11:42:21PM +0100, Alex Bligh wrote:

1)  MAPS is a single self appoint law enforcement agency on the INTERNET.
a) MAPS creates the LAW, ie. no open relay
b) MAPS enforces the law

I didn't think I'd ever be drawn into this debate, however...

Ditto... I hate spam as much as the next guy, and I don't believe MAPS is
part of any grand scheme to take over the internet, yada yada, but...

MAPS publishes a list of IP addresses. It might use whatever
bizarre mechanism it likes to generate them. However, in my
personal view, and many many other people, this lists bears a very
good correlation to IP addresses which I don't want sending
email to my mail server. They do this for free. Noone is forced
to use them. If you think the way they identify these IP

Have you ever had a run-in with the check verification system Chex
Systems? They have an argument similar to this one for MAPS, they don't
actually stop anyone from getting a checking account, they just "maintain
a list", and individual banks make the decision to deny you if you are on
that list, with the seemingly noble goal of "preventing check fraud and
keeping costs lower for everyone else".

But the reality of the situation is that if you ever have the slightest
problem with your checking account, you are marked for 7 years. I had a
$14 overdraft on one checking account, and to make things worse it was the
bank's fault and they supposidly removed it from their records. But Chex
Systems doesn't want the incidents removed from their records, they ask
banks to report every incident even if it is resolved promptly. Trying to
call them and get through to a person is like trying to find the free porn
by following the free porn links, the best you can get is a free copy of
your Chex Systems record (required by law) so you can see why you are
marked. And I challange you to find a bank who doesn't use them to
disqualify potential checking account applicants, the best you'll find is
0.1% who will overlook a single resolved incident on your record.

I'm not saying MAPS is anything like this, infact they aren't, which is
why they are respectable while ORBS is not. But there is something to be
said for fear of the power of the people who are just "publishing a list".

Unfortunantly, the spam situation of the modern internet requires that you
have some degree of trust in the servers which bring you mail. You might
have better luck trying to restrict the domains or ips to those where you
have actual customers, or try coming to some other reasonable compromise.

P.S. Notice I didn't have to call anyone an idiot to get my point across.

P.P.S. After reading dotcomeon.com, I didn't say I didn't think it. :P

-- 
Richard A Steenbergen <ras () e-gerbil net>       http://www.e-gerbil.net/ras
PGP Key ID: 0x138EA177  (67 29 D7 BC E8 18 3E DA  B2 46 B3 D8 14 36 FE B6)



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault