Untitled Document

Date: Mon, 25 Mar 2002 13:26:46 -0500 (EST)
From: Dean Anderson <dean@av8.com>
To: "Terranson, Alif" <Alif.Terranson@savvis.net>
Cc: Abuse <Abuse@savvis.net>, "Julien, Gerda" <Gerda.Julien@savvis.net>,
"Brandt, Katie" <Katie.Brandt@savvis.net>
Subject: RE: Unauthorized Access -- Av8 trace 706 -- 216.171.166.1 (fwd)

I object strenously to this unprofessional conduct and threats of illegal
blocking. Mr. Terranson has demonstrated an ignorance of email systems
and a prejudice against our service when he asserts we are somehow "the
root cause" of relay abuse.

The root cause of relay abuse are abusers, and secondly organizations that
falsely advertise relays as free and solicit abuse to them.

We have encountered abuse admins at ISPs who abuse our services from their
desktops. Such admins have been terminated with apparent prejudice.

Mr. Terransons behavior is wholly and completely inappropriate.

More comments inline.

Dean Anderson
President
Av8 Internet, Inc

On Mon, 25 Mar 2002, Terranson, Alif wrote:

> Good Morning Mr. Anderson,
>
> I have taken the liberty of answering this email with inline
> commetary, just to keep the comments clear, lucid, and on-point: I hope this
> is not to hard on the eyes.
>
> > Our open relay is used for legitimate customer use, as are many open
> > relays. So it is not in violation of the Savvis AUP, and we will not
> > "secure it".
>
> I am afraid that *any* open mail relay is against the Savvis AUP.
> Commensurate with this Savvis policy, the open mail relay must either be
> secured, or taken off the network. Failure to do this will result in
> connectivity to this server being forcibly removed by Savvis, through the
> imposition of null routes.

Clearly your AUP does not prohibit the legitimate use of open relay, any
more than it prevents the legitimate conduct of authorized security scans.

Null routing our address space would violate provisions of the ECPA (18
USC 2501 and 18 USC 2701), as well as violate the terms of our contract
with Savvis.

Intentional violations can be punished criminally and through civil suit,
and can include any profits earned by Savvis as a result of this policy as
well as punitive damages, not less than $1000 per user.

> > We police its use, and do not permit abuse.
>
> According to the logs you have appended, a great deal of illegitimate third
> party email was successfully sent from your open relay, if this is
> incorrect, please let me know.

Your assertion is incorrect. It is similar to demanding dialup service be
halted because some spammers use it. Quite clearly, we respond promptly
and proactively to abuse.

> > Open relay is necessary whenever one provides email services
> > to roaming
> > or outsourced users where SMTP is shared across one or more
> > providers or
> > the user will be using outside access.
>
> Open relay is certainly the *easiest* way to support roaming users, however,
> it is not the only way, and it is certainly not considered to be a Current
> Best Practice. I fully understand how difficult it is to support roaming
> users, but a wide-open mail relay is [unfortunately] not an acceptable
> answer by itself.

This is technically incorrect, and indicates ignorance on your part, or
perhaps a radical anti-relay agenda held by organizations such as ORBZ.
There are certainly situations when open relay is the only solution, not
merely the "easiest" solution. I am happy to provide you with details.

> > SMTP-auth is flawed and
> > unsupported by most mail agents.
>
> A technical point which I have no argument with.
>
> > Further, blocking "open relays" which belong to US ISP's such
> > as ourselves
> > violates the 18 USC 2701(a)(2) which prohibits blocking
> > authorized email.
>
> Please be aware that, while I am not a lawyer, I believe you are
> misinterpreting this subsection. 2701(a)(2) is specifically targeted at
> unauthorized use, not by blockage under a valid and enforceable civil
> contract. Either way, Savvis will competely block IP connectivity to any
> open relay on any network under it's direct or indirect control, where the
> owner of the open relay refuses to repair the issue him/herself.

It also applies to blocking that exceeds the blocking authorized by the
user contract.

> > And last, there is some "Net Rumor" that open relays somehow
> > promote spam.
> >
> > Quite the opposite. Properly configured spam filters are unaffected by
> > relay use--open or closed. A simple procmail script checks
> > the headers in
> > email messages for spam sources if one is using RBL type
> > filters. Vipul's
> > Razor and similar services are also unaffected by relay use.
> > Spammers can
> > be using ISP's closed relays as well. Those who use things like ORBZ
> > actually permit more spam through their filter than
> > necessary, since they
> > can't block spam sent through closed relays despite the fact
> > that it may
> > be originating from a reported spam source.
> >
> > Indeed, we have seeded bogus relays into services like ORBS
> > and found that
> > they are the ones who solicit relay abuse.
>
> These are strictly political arguments which Savvis does not address,
> regardless of the accuracy or inaccuracy of the underlying premises.

The only political argument is your factless and demonstably false
assertion that open relays are unnecessary.

I am willing to provide you with details of scenarios where the only
solution is to operate an open relay.

--Dean