Talk:Open mail relay
I honestly can't help but wonder about the anon who seemed to confidently know so much about the early Internet's mail practices, yet manages to contribute such logical fallacies to WP as fact, and whose edits I am currently refining.
- Open relay elimination has had no effect on spam because spam volume has increased over the same time period that open relays have been eliminated.
- Of course, this is inconclusive. The only way to convincingly argue that DNSBLs have had no effect on spam is to compare a system without open relays (and/or DNSBLs) and a system with them, and then compare the trends. Proving that DNSBLs have not stopped spam entirely has no bearing on whether or not it cuts down on some spam.
- The First Amendment requires other people to let me do and say whatever I want on another person's property.
- This naggingly adolescent misconception is surprisingly (or perhaps not surprisingly) prevalent among so many vocal voices. If one's only understanding of the First Amendment consists solely of the two-word phrase "free speech", then they believe this means they can step on other people for their own ends. Of course, this is not true. Anyone who reads the text of the First Amendment (it's part of this big old piece of paper called the Constitution) sees that it prevents the government from arresting you because of what you say. But we have private property in this country; it is not a socialism where the government owns everything, and private property means that I control the things I own, and even if I let you use them, I still get to say how you use them, and I can decide not to let you use them, 'cause they're mine. This includes me not letting you use my email server.
Anyway, whee.
- Keith D. Tyler [flame] 19:46, Feb 2, 2005 (UTC)
Fubar
Fubar: Your edit comments are right, of course; I should have done away with the DNSBL crankiness instead of trying to fmt it. And I did fully intend to remove the section from "shooting the messenger" down to the "Paul Vixie won't do what we say" lament. - Keith D. Tyler [flame] 07:22, Feb 3, 2005 (UTC)
Obsoleted necessity?
A number of people (all anons) have added a snippet to the effect of "blocking open relays is today pointless because no one uses open relays to send spam anymore."
This is not a logical conclusion. The fact that no one is trying to break into your house does not mean that you should stop locking your doors or remove your alarm system.
- Keith D. Tyler [flame] 23:48, Feb 4, 2005 (UTC)
- Right again. At the moment, people logging into my Linux hosts through unpassworded accounts is not a problem. That doesn't mean I should go set up a bunch of unpassworded accounts. :) --FOo 00:10, 5 Feb 2005 (UTC)
Two Different Things
Keith Tyler: You leap from one topic to another. Open relay elimination has had no effect on spam. This is not unanticipated: RFC 2505, which advises people to secure their open relays, warns that the "relay rules" will not reduce spam. The issue is elimination of open relays, not DNSBLs. The implication of the caution in RFC 2505 is that DNSBLs will be necessary: the campaign to eliminate open relays will not reduce incoming spam because the incoming spam volume will remain undiminished as long as the number of available open relays to forward that spam is adequate for the spam volume. Stating that elimination of open relays doesn't affect spam says nothing about DNSBLs. It is probably true that many of the loudest DNSBL advocates are also among the loudest "secure the open relays" advocates. That doesn't change the nature of the statement about securing open relays being ineffectual. There is such a thing as being too eager to leap to the defense of DNSBLs.
(Changing subject.) As far as the obsolescence of blocking open relays is concerned, I agree heartily with what you say: while there is a possibility of abuse, precautions against that abuse are necessary. I'd go further: while there is any chance that spammers might abuse open relays, there should be active vigilance against them. For that I advocate open relay honeypots. Rather than act at the destination server level (as DNSBLs do), I advocate countering the spammers at the abuse level, which is what honeypots do.
I think a reasonable case can be made that it is open relay honeypots that have caused the decline in open relay abuse but I suspect putting that specifically into a Wikipedia article would just lead to a long and mostly fruitless battle. Suffice it to say that of the three main abuse-based spam pathways (open relay abuse, open proxy abuse, and zombie abuse) open relay abuse appears to have been largely knocked down. Were we still following the "secure your open relay" philosophy there would be little reason for the spammers to not abuse open relays.
Long and extensive descriptions of the theory behind open relay honeypots were posted in news.admin.net-abuse.email. While all (anti-spammer and spammer alike) could read those it appears that the spammers may have paid the most attention. (This is not to deny the value of the honeypots that were made available, such as Jackpot.) Seeing their vulnerability the spammers moved on to open proxy abuse. When open proxy honeypots began to appear the spammers started moving to zombie abuse to escape the wicked effectiveness of zombie honeypots, as used, for example, by Ron Guilmette.
There's no reason to not have zombie honeypots (and then there's not likely to be any new path the spammers can abuse after zombies.) Microsoft recently converted an actual zombie system to a honeypot and gathered enough evidence that they could file suit against about 20 defendants, most of them "John Does." That's ONE zombie honeypot, 20 defendants. Of course Microsoft has the legal resources to successfully file the suits and the stature to do so, but the power of that single honeypot should be appreciated. Ordinary users operate in precisely the part of the Internet that the spammers choose to abuse: zombie honeypots operated by such ordinary users could have a major anti-spam effect (and of course the spammers don't clearly know which IP addresses are honeypots, nor do they know for any IP address that might be a zombie honeypot whether the operator is "just an ordinary user" or is a very large organization with massive legal resources.)
Minasbeede 16:36, 14 December 2005 (UTC)