UPDATED: AOL Added To ORBS List - At Their Request
Scott Crain, AOL 'Spamdinista,' wrote in with an update, and to make what's going on crystal clear.
There are two machines that have been added to ORBS on AOL's networks, at my request. The two machines are a new system in place to allow us to keep spammers from using outbound SMTP connections to spam the rest of the net with junk. Alan Brown, the maintainer of ORBS, and I correspond frequently on a couple mailing lists we both frequent, and he asked if it would be ok if I had him place these two machines in ORBS, to which I agreed.
Basically, the two machines that are there are the external gateway for a percentage of AOL members using their TCP connectivity to send mail out of AOL without using the AOL client. It's no different than blocking AOL's dialup IPs (*.ipt.aol.com) as the MAPS DUL does currently.
In other words, this is a good thing. I'm sure I'm not the only one who doesn't like spam from AOL, and this looks like a step in the right direction.
From their What is this? Page:
ORBS is NOT a "black hole" - we do not disseminate routing information causing included hosts to be unreachable from portions of the Internet. Running an open relay is usually accidental and those admins who continue to run open relays after being warned about it by ORBS and/or other entities will eventually find themselves in the MAPS RBL - which is a "black hole" and is used by at least 40% of the mail servers on the Internet.
ORBS tracks these systems so that people operating mailservers subscribed to our database can block e-mail coming from open relays until such time as they are fixed to no longer permit third-party SMTP relay. Admins may alternatively set their systems up to tag messages delivered from open servers as "possibly spam", or just log the connections. What any admin does is entirely up to that admin. If you've been blocked from delivering mail and given a pointer to this site please note: It is the decision of the administrator of the site which blocked you to disallow mail from open relays. Those open relays must comply with that admin's rules (not ours) in order to deliver mail to that site - we're just verifying to the admin whether a host is an open relay or not.
-- IANAEG - I am not an elder god.
despite the fact that it's great fun watching people find outlets for their high horse talk, heck I'm one of 'em.
.oO0Oo.
I've never used AOL or had any problem with any of its users. What I do know is that it's using its muscle in the UK to force down the price of access. They are attempting to expand in the UK not by simply wooing competitors' customers but by expanding the market. In this way even maintaining market share - or even losing some - is still a win. When players such as Freeserve haven't turned a profit but derive their huge revenue from bloated cost of access they are still vulnerable to the next wave.
AOL was the first major company to move to a 1p a minute 24 hour access. Previously it was 4p per minute for daytime modem access (8am-6pm). Others have quickly followed (ntl: for instance) and now we are beginning to see flat rate 24/7 access finally arrive.
The UK is finally going to come alive net wise so expect plenty more AOL users to come aboard.
There are places where the networks are not touching,and there are places where they are-Boeing's Lori Gunter
[posting anonymously for obvious reasons]
Our company's primary mail server has been in the ORBS database for a long, long time... We made the choice (mistake?) of choosing a closed-source, commercial mail package running on Windows NT Server instead of something open (like Sendmail or Qmail). I've been regretting it ever since...
Our relay is partially open - it allows relay only if the sender's e-mail address or at least one recipient's e-mail address is from a locally-hosted domain. Not the most secure method, perhaps, but it seems to be enough extra work that spammers simply find a wide-open relay and use it instead of us.
Originally, we had a completely open relay, but after a few incidents where our server was used by spammers, we paid (through the nose) for an add-on option to our mail server to allow this selective relay ability. During one of these incidents, we were added to the ORBS database. And once you're in the ORBS database, you never, ever, ever get out, even if you're clean.
We passed the ORBS test with flying colors after getting the selective relay option working on our system... until about a year later, ORBS put us back in the database, after adding a couple new tests. One of the tests (NULL sender envelope) got through our system, and we were once again considered an "open" relay.
About that time, our mail server vendor had just released a new version of their software, including a fix for the problems ORBS detected. And it was bargain priced - only $1,500 US to upgrade to version 4.0! And hey - that "unlimited" domain hosting option we paid for? Sorry, not available in version 4.0, we'll have to pay-per-domain. Oh, and we'll have to pay extra to upgrade the anti-spam option we already paid $800 extra for just a few months ago.
This is turning into a ramble... I guess my point is, thanks to needing to have a partially open relay to support our remote and traveling users (quite a large number) and getting screwed over by our software vendor, we're now considered an "open" relay. So far, in the past six months or so since we were re-classified as open, we haven't had a single message bounce back to us, and we haven't had a single incident of spammers hijacking our server... but it still drives me nuts thinking that our server is in a blacklist.
I've been looking at a few options, such as the new authenticated SMTP options available in Sendmail and Qmail, but realistically? If it's not causing us a problem (i.e. bounced/blocked mail) then it's not high enough on our priority list to allocate the time and resources required to do it right.
And that's why I'm on the blacklist, and likely to stay there for the foreseeable future...
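The selective-relay rule described in the post above (accept when the sender or at least one recipient is in a locally hosted domain) can be compared with a rule that ignores the envelope sender and looks only at the session. This is an added example, not part of the original post and not the vendor's code; the domain, networks, class and function names are all constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Constructed sample values (assumptions, not taken from the post).
LOCAL_DOMAINS = {"example.com"}
TRUSTED_NETS = [ip_network("192.0.2.0/24")]

@dataclass
class Envelope:
    client_ip: str
    mail_from: str               # "" models the null sender "<>"
    rcpt_to: list
    authenticated: bool = False  # True once SMTP AUTH has succeeded

def is_local(addr):
    return bool(addr) and addr.rpartition("@")[2].lower() in LOCAL_DOMAINS

def address_based_policy(env):
    """Rule from the post: sender OR at least one recipient is local."""
    return is_local(env.mail_from) or any(is_local(r) for r in env.rcpt_to)

def session_based_policy(env):
    """Anyone may deliver to local recipients; relaying elsewhere needs an
    authenticated or trusted-network client. MAIL FROM is never consulted."""
    ip = ip_address(env.client_ip)
    trusted = env.authenticated or any(ip in net for net in TRUSTED_NETS)
    return trusted or all(is_local(r) for r in env.rcpt_to)

def audit(cases):
    """Return {label: (address_based, session_based)} accept decisions."""
    return {label: (address_based_policy(e), session_based_policy(e))
            for label, e in cases}

OUTSIDE = "203.0.113.9"
CASES = [  # constructed envelopes
    ("inbound to local user", Envelope(OUTSIDE, "a@other.test", ["bob@example.com"])),
    ("local sender claimed, no auth", Envelope(OUTSIDE, "bob@example.com", ["x@other.test"])),
    ("null sender, outside rcpt", Envelope(OUTSIDE, "", ["x@other.test"])),
    ("one local, one outside rcpt", Envelope(OUTSIDE, "a@other.test", ["bob@example.com", "x@other.test"])),
    ("roaming user with AUTH", Envelope("198.51.100.7", "bob@example.com", ["x@other.test"], True)),
]

if __name__ == "__main__":
    for label, decisions in audit(CASES).items():
        print(f"{label:32} address={decisions[0]} session={decisions[1]}")
```

The two rules disagree only where the address-based rule trusts a value the client supplies; a production mail server would make this decision per RCPT TO rather than once per message.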
ORBS has, for quite a long time, been a list of "open relays, sites that object to being port-scanned, systems whose admins irritate the ORBS admins, systems that block port scans", and the like.
Really, they're jerks, and you should *NOT* use them to filter mail, unless you particularly think that everyone in the world has a moral obligation to let some guy run relay-rape attempts on their servers any time he feels like it.
I like MAPS. I don't like ORBS.
My blog: http://www.seebs.net/log/ --- My iPhone/iPad app: http://www.seebs.net/seebsfrac/
There's a much better way to do this. I modified our POP server at a previous employer such that it placed an IP on an approved relay list for up to two hours after a valid authentication
:( Alas, Outlook attempts to send email before it checks, so all those replies would be rejected. (It only has a send/receive button, not two different "check" and "send" buttons) So, now they all have a little app that does a pop3 login, which they have to run before sending anything.
I have also this set up, but there is one problem. People dial up, check their email, fine, and disconnect. Then they compose replies and reconnect (Usually with a different IP, of course
--
Exigo spamos et dona ferentes
AOL has some new machines in place to redirect part of what would normally be the dialup (*.ipt.aol.com) mail traffic through machines where we can monitor the volume to control spam. We're just testing it at the moment, and these redirection proxy machines are the ones listed in ORBS, with my support and permission. AOL's dialups have been listed in ORBS and the MAPS DUL for a long time, because well, lots of mail shouldn't come directly from dialups to someone else's mailserver.
Now what're y'all gonna say, when ya find out that AOL added those machines to ORBS for your own good.
Scott Crain
AOL Mail Operations
This is actually quite frustrating. As a consumer, I strongly dislike AOL. However, they have a huge share of the North American e-mail market. I am trying to convince my superiors to let me start refusing mail based on ORBS and MAPS RBL queries, but denying a large volume of legitimate mail (as the case would be with AOL on the ORBS list) actually puts us in a situation where our customers would be complaining that they can't get their e-mail. O, woe is me. Is there a solution to this conundrum? I don't for one minute believe that AOL gives a rat's ass about open relays, or what list they are on -- after all, they are used to being hated. Hrmp.
--
Do daemons dream of electric sleep()?