[Fwd: Re: [Techtalk] sendmail/RBL question (linuxchix)]
Kai MacTane
kmactane at GothPunk.com
Fri Mar 29 13:28:20 EST 2002

At 3/28/02 07:44 PM, Linda Laubenheimer wrote:
>all MAPS does is make statements of fact -- you can challenge the
>factualness of those statements and there is a process for that. but maps
>isn't blocking e-mail, it's just publishing a list.

Indeed. This is what makes me wonder why MAPS seems to have fared so poorly
in court cases. I keep reading about how someone sues MAPS over being put
in the RBL, and eventually, MAPS winds up settling with them. To which my
response is, "Huh? Why do they need to settle? This is not up for debate;
MAPS isn't stopping anyone's mail, they're just putting out a list of open
relays. This is *provable* stuff. How can these attackers have a leg to
stand on?"

I realize you may not be able to comment on this, of course. But if you
can, I'd love to know what's been going wrong in court. Are they just
totally uninterested in the technical aspects, and unwilling to believe
that it's not MAPS blocking people's email?

>you think that's something? try www.dotcomeon.com for some real
>flavour.

Holy cow. These people's conspiracy theories don't even exhibit internal
consistency. First they claim the RBL service is so horrible that nobody
wants to use it, and it's only making headway because the code is included
in Sendmail ("ISPs are coerced into unconditionally obeying the Vixie
prescribed setup"). Then, they try to spook us with the news that the RBL+
service costs money. ("The day has come [when Vixie's prediction that you'd
have to pay to send email comes true]! For now, your ISP needs to pay the
piper. Vixie's new service, the RBL+ master blackhole list, charges as
follows...") (Roughly half-way down the excessively long page, just before
the "Is Blackholing Legal?" header.)

So, MAPS is simultaneously shoving a service we don't want down our throats
*and* charging us for it? Gosh, why wouldn't we just not send them any
money and not use their service?

While we're at it, they claim that one of MAPS' injustices is in trying to
force all ISPs to only allow mail relaying from inside their own netblock,
with no provision for roaming users. dotcomeon claims, under "What is an
Open Relay?": "According to Paul Vixie, an ISP must 'secure' their SMTP
server by refusing to relay any message that does not originate from the
ISP's local network. They do perform a relay test to check if an ISP's mail
server is configured in their prescribed way. One strike, and you're
blacklisted until you cave in to pressure!"

Huh? These people apparently have little clue how mail works or how MAPS'
relaying tests must work. They cannot possibly figure out whether you allow
access for roaming users. All they can do is see if your machine will allow
MAPS to relay back to itself. They can't pretend to be your roaming users,
connect to your POP server from a random IP address, and enter your user's
username and password. (Unless you're pathetically insecure with your
passwords, in which case you have much worse problems than getting on the RBL!)

I've been running a POP-before-SMTP service for years now, and never had
any trouble. This page claims that MAPS "controls your email", but they
never have (and, let's be honest, they never will) controlled my email,
because... *I DON'T run an open relay!*

>i agree with this. read everything that's available and make up your
>own mind, realizing that more than half of what you read will be opinion
>couched as fact and that making up your mind is an exercise of critical
>judgement.

I think the one place where they're really honest is where they say:
"_What_is_This_Site_About?_ On July 13, 2000, NetSide Corporation's SMTP
server mailhost.netside.net [205.159.140.2] was included on big brother's
MAPS RSS blackhole list for being an 'open relay'."

And, rather than figure out how or why that happened, and how to close down
their relay (or make it selective), they figured they'd just complain.
After all, it's so much easier to write up 78 full kilobytes of
poorly-thought-out, emotional rant, post it on the Web, and try to whip up
sympathy by appealing to people's fears than it is to actually figure out
how to enable a simple POP-before-SMTP authorization for your roaming users
(while still denying everyone else the ability to relay through your
mailserver).

(Having recently done a fair chunk of writing, and having also recently
done a complete Qmail installation from scratch, I can say that the
previous paragraph is 100% pure sarcasm. Writing 78K of text would take me
at least twice or thrice as long as that Qmail install -- especially if I
were doing research to include outside references.)

--Kai MacTane
----------------------------------------------------------------------
"Before you slip into unconsciousness,
I'd like to have another kiss,
Another flashing chance at bliss..."
--The Doors,
"The Crystal Ship"
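
Added example, not part of the original post: a sketch of the relay decision a POP-before-SMTP setup makes, showing why an outside relay test is refused while a roaming user who has just logged in to POP is allowed. The netblock, domain, 30-minute window, and all class and function names are assumptions made up for illustration.

```python
import ipaddress
import time

LOCAL_NET = ipaddress.ip_network("192.0.2.0/24")  # constructed: the ISP's own netblock
LOCAL_DOMAINS = {"example.net"}                   # constructed: domains we accept mail for
POP_WINDOW = 30 * 60                              # assumed: seconds a POP login authorizes relaying


class RelayPolicy:
    def __init__(self, clock=time.time):
        self.clock = clock
        self.pop_logins = {}  # client IP -> time of last successful POP login

    def record_pop_login(self, client_ip):
        """Called by the POP server after a username/password check succeeds."""
        self.pop_logins[client_ip] = self.clock()

    def _recently_authenticated(self, client_ip):
        seen = self.pop_logins.get(client_ip)
        if seen is None:
            return False
        if self.clock() - seen > POP_WINDOW:
            del self.pop_logins[client_ip]  # expire stale entries
            return False
        return True

    def decide(self, client_ip, rcpt):
        """Return (allowed, reason) for one RCPT TO from client_ip."""
        domain = rcpt.rsplit("@", 1)[-1].lower()
        if domain in LOCAL_DOMAINS:
            return True, "local delivery"          # inbound mail is never a relay
        if ipaddress.ip_address(client_ip) in LOCAL_NET:
            return True, "relay: local netblock"
        if self._recently_authenticated(client_ip):
            return True, "relay: POP-before-SMTP"
        return False, "relaying denied"            # what an outside relay test sees


def demo():
    now = [1000.0]  # fake clock so the expiry case is deterministic
    policy = RelayPolicy(clock=lambda: now[0])
    roaming, outsider = "203.0.113.9", "198.51.100.7"  # constructed addresses
    results = [policy.decide(outsider, "probe@tester.example"),
               policy.decide(roaming, "friend@elsewhere.example")]
    policy.record_pop_login(roaming)
    results.append(policy.decide(roaming, "friend@elsewhere.example"))
    now[0] += POP_WINDOW + 1
    results.append(policy.decide(roaming, "friend@elsewhere.example"))
    results.append(policy.decide(outsider, "user@example.net"))
    return results
```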