Untitled Document

From ???@??? Tue Apr 27 14:34:20 1999
To: drg@verio.net
From: Dean Anderson <dean@av8.com>
Subject: Re: Network probes
Cc:
Bcc:
X-Attachments:
X-Eudora-Signature: <Standard>
X-Persona: <Av8>

Numerous messages such as these. In the first message, he is probing our nameservers.
He has also been probing and relaying through our mail servers as apparent in
the second message, which shows a third party relay initiated by Chris, and
a further threat to run a cronjob in order to goad us into legal action.

Note his offer to "fix" these services after probing is probably
in violation of 18 USC 1030 section 7, which bans unauthorized access with an
extortive purpose. Eg, you can't break into a target system, and then offer
to sell services to repair it.

Even though he signs the mail as a Verio employee, I doubt these are legitimate
Verio services. He repeatedly threatens that Verio will "crush my business".

I have asked him several times to stop probing our servers, but he refuses.
We intend to charge Verio for the unauthorized relaying.

Its one thing to engage in flame on a mail list, its quite another to start
probing servers. Chris Neill doesn't seem to be able to distinguish the difference.

--Dean

----- First Message:

X-Persona: <Av8>
>From rbl-discuss-request@puck.nether.net Mon Apr 26 18:14:00 1999
Received: from puck.nether.net (slist@puck.nether.net [204.42.254.5])
by odie.av8.com (8.8.5/8.8.5) with ESMTP id SAA19438
for <dean@av8.com>; Mon, 26 Apr 1999 18:14:00 -0400 (EDT)
Received: (from slist@localhost)
by puck.nether.net (8.9.3/8.7.3) id SAA10373
for dean@av8.com; Mon, 26 Apr 1999 18:08:41 -0400
(envelope-from rbl-discuss-request@puck.nether.net)
Resent-Date: Mon, 26 Apr 1999 18:08:41 -0400
Received-Date: Mon, 26 Apr 1999 18:08:12 -0400
Message-ID: <19990426180744.D79141@oh.verio.net>
Date: Mon, 26 Apr 1999 18:07:44 -0400
From: Christopher Neill <chris@verio.net>
To: Dean Anderson <dean@av8.com>, Christopher Neill <chris@verio.net>,
Alan Brown <alan@manawatu.gen.nz>, rbl-discuss@puck.nether.net
Subject: Re: Trolls
References: <3.0.32.19990426162926.00dae01c@odie.av8.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 0.93.2i
In-Reply-To: <3.0.32.19990426162926.00dae01c@odie.av8.com>; from Dean Anderson on Mon, Apr 26, 1999
at 04:33:50PM -0400
Organization: Verio Ohio (800) 424-3223 / http://www.verio.net/
X-No-Archive: yes
Resent-Message-ID: <"rQ4DL3.0.hX2.FFE9t"@puck.nether.net>
Resent-From: rbl-discuss@puck.nether.net
X-Mailing-List: <rbl-discuss@puck.nether.net> archive/latest/435
X-Loop: rbl-discuss@puck.nether.net
Precedence: list
Resent-Sender: rbl-discuss-request@puck.nether.net
X-UIDL: 2e5a0820eb37922abb2bc8f4e34a817c

On Mon, Apr 26, 1999 at 04:33:50PM -0400, Dean Anderson wrote:
> At 01:22 PM 4/26/1999 -0400, Christopher Neill wrote:
> >On Sat, Apr 24, 1999 at 01:23:54AM -0400, Dean Anderson wrote:
> >> >3: He's unable to secure his nameservers (host -l)
> >>
> >> Yup. Got to upgrade the nameservers. Thats long overdue. I'm clearly
> >> wasting time with you.
> >
> >Actually, its a configuration change, idiot. For $125.00/hr USD I'll fix
> it for >you.
>
> I doubt you could do that without breaking things.
>
> But you shouldn't be poking around trying look for weaknesses in our servers.

its not a weakness, its that you allow AFXRs. for $125 i'll show you the one-line config change you
have to make to disallow this:

[4:20pm](2):81:/stuff> host -l av8.com
av8.com name server starship.av8.com
av8.com name server concorde.av8.com
mega-10.av8.com has address 198.3.138.10
mega-11.av8.com has address 198.3.138.11
...
[snip.. ]

in fact, for $1200 i'll spend and entire week helping you fix your network, implement secure relaying (hey, how about kerborized sendmail!, thats definitely a standard and its doable too!).. but you dont seem to want help or any suggestions.

incidentally, getting an AFXR from your nameserver is similar to your grief about sendmail -- namely, you refuse to shut down an easily closed off service regardless of the benefits of shutting it down (in this case, privacy, in the case of sendmail, not being a nuisance), and in spite of the marginal benefits the service offers you.

i think the core of your lameness is that you not only want to, but actively insist on operating a public relay (charge or no charge, nothing is stopping chickenboners from taking advantage of you). in fact, this seems to be at the very core of your business.

in a way, paying $50 to test and verify your openness as a relay is almost a worthy financial investment if it would mean that every RBL subscriber on the planet rejected your domain/ip space. that way, your business would soon fade away and the principals of the free market would once again prevail, punishing flawed business ideas.

let me add a note about choice in free markets, because there really isnt as much choice as the consumer believes. stores, retail outlets, choose vendors, they choose them presumably because they deliver quality products in the right quantity, on time, etc. a retailer's choice of a vendor is not who