Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: anti-spam vs network abuse

  • From: David Schwartz
  • Date: Fri Feb 28 00:59:44 2003

On Thu, 27 Feb 2003 22:36:37 -0500 (EST), jlewis@lewis.org wrote:

>This sort of activity is becoming more common / mainstream, so 
>people
>ought to just get used to it.  Road Runner is doing the same thing
>(according to http://sec.rr.com/probing.htm) which is pretty ironic
>given
>how their security department has gotten along with (or not) various
>DNSBLs in the past.

	It has always been my opinion that if somebody connects to you, they 
are implicitly granting you the right to connect back to them on 
well-known ports. I have discussed this opinion with several dozen 
people and have yet to find one who disagrees. (Though I'm sure 
they're probably out there.)

	I've dealt with any number of abuse complaints, many from 
governmental and quasi-governmental group. They've all accepted my 
cut/pasted explanation and we've been whitelisted by several such 
organizations.

	I often use the following as the 'meat' paragraph of my reply:

"In accord with our terms of service, when someone makes a connection 
to one of our machines, we make connections back to them to ensure 
they're not connecting through an open proxy. These connections are 
to each of the ports on which such proxies commonly run and some 
ports may require more than one connection to test multiple 
protocols. We never do such a probe except as a response to a  
connection made to us."

-- 
David Schwartz
<davids@webmaster.com>






Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.