Re: [squid-users] Re: Open & abused proxy list(s); appeal for instructions on how to close problems

On Wednesday 20 February 2002 23:11, Allen Smith wrote:

> > b) Abused by foreign users needing an open proxy to bypass
> > various laws or restrictions.
>
> What makes this an abuse problem? That's one reason I might _want_
> to run an open proxy, at least for connecting to port 80... and it
> isn't only foreign users who might need this, at least for the US.
> And, unless we're talking about webmail et al, what relation does
> this have to spam limiting rules?

It has nothing to do with spam, but a lot to do with abuse.

If you run an open proxy then you also take liability for the actions
taken via the proxy to various degrees depending on local laws and
regulations. If you intentionally do this and don't care what is
going on via the proxy, then you most likely do not care about
spammers either.

If you care what is going on via your proxy, then you shouldn't be
running an open proxy but a service requiring user registration or
one only proxying a selected set of sites/services (not protocols),
and strict anti-abuse rules to prevent spamming and related abuese of
the proxy.

I estimate that 95% or more of all open proxies are left open
unintentionally by mistake or oversight by the administrator. 98% of
the intentionally open proxies are run "illegally" without the
consent of the network operators or administrators by users not
knowing about the possible impacts, leaving about .1% of the open
proxies as lawful intended open proxies, and about 90% of those are
run without any risk assesment on abuse, leaving about .01% of the
open proxies that are intentionally run as lawful and responsible
open proxies.

> Tell that to AT&T WorldNet - see
> http://www.internetnews.com/isp-news/article/0,,8_976831,00.html.
> Spam is, as RFG has put it, an Internet infrastructure attack.

It in deed is. My comment was relating to the seriousnesses of the
issues one can expect from running an open proxy.

Spamming mostly hurts the spammed and the mail infrastructure of
their ISPs, not so much the relays.

Should also note that most spamming via a proxy is not technically
spamming via the proxy, merely bypassing SMTP anti-spam rules by
jumping via a proxy to gain access to a SMTP relay server and to
conseal the origin. The spammer still needs to know a relay host
where to inflate the spam to gain any noticeable effect. But this is
a minor technicality of no importance.

Regards
Henrik Nordström
Received on Wed Feb 20 2002 - 16:14:39 MST